From owner-freebsd-security@freebsd.org Thu Jan 4 09:14:20 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27B15EA7E96 for ; Thu, 4 Jan 2018 09:14:20 +0000 (UTC) (envelope-from killing@multiplay.co.uk) Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B44D81148 for ; Thu, 4 Jan 2018 09:14:19 +0000 (UTC) (envelope-from killing@multiplay.co.uk) Received: by mail-wm0-x22a.google.com with SMTP id b141so2164133wme.1 for ; Thu, 04 Jan 2018 01:14:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=multiplay-co-uk.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language; bh=v2MT7urC7S8iZ9ZFKJm/kEPm8bvP5PQ886E7RpmrZxA=; b=e9V4ALk7gC72EE1nGol2gFhDhiKjoy9M/XHE06sTFZxZEk6vuEBqCQaY9+nsEjsi2U PymVdT4itBNVT4zLFFsz8CF4jqh+aZokei/QS3l7p1sE+c01N2T5WzGXhC4YLyT4MCnD qEWTKuhMz/Kh15ZlBMU6zKwOSAed4LZnH6esqrafDG5h3w5ZwAssu/Med/CeOuAQguII kmJChy0Jo5z6JoZk6+8PJiOrq8mOhHcCk/w/GwlkN/yOjettH8YwjgkJUkiL7L62ib4L a+pxrqquL008eOK7nvyogLZ1zxXih97XiSvpmi2+/Suk8ZbZfQoH8IiKf0Vp61V1zoi9 wrGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=v2MT7urC7S8iZ9ZFKJm/kEPm8bvP5PQ886E7RpmrZxA=; b=CeDbfh2JCNYPoEyYGJ3HqmJfRciFLYs5qTEoUSAHPOptbZTAVQ9J58q3DDGwxKFsDm pFnAxDe4VD/vw0jjnR6eqw7XshZCTThaKlwMiU18nzPizkGVTxQYb+uKvGTtBrteQqS9 MS1vLxRXPOe/yGm7DLvDL8sp3nDOkEO9MDmfT+4mi4aErQSgzQl8RkK6P5CXcZtgPLb0 pi4Mr7OBuTIZGd6bJwmM6+oiGO//hxJPT/mN5JEzmPdRYNBlqhKauxVesc+YCKdpQmW7 w65akbMqdoQbkm2X6/TGXuBaUE1B9qTk0v/CsqheGEBJanKLoUPx7UvVzFxp+2yb8zwb IXFg== X-Gm-Message-State: AKGB3mKeuexFnO1iDxqqg1NaTJo+D6H4F1Kb+dvyJ+y1SJGgYNhMCZqH ginORhCh8GurSsd4pCcV8x1JEN+sivI= X-Google-Smtp-Source: ACJfBovP+SpdsT9d6B9+tb73KnAhsFQnH290h/T/EWiCwe3Lfxz9X0hh4OpcTZLlXRl6M/vAYo67sA== X-Received: by 10.80.139.180 with SMTP id m49mr6728960edm.36.1515057257062; Thu, 04 Jan 2018 01:14:17 -0800 (PST) Received: from [10.10.1.111] ([185.97.61.1]) by smtp.gmail.com with ESMTPSA id d9sm1782014edb.18.2018.01.04.01.14.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 04 Jan 2018 01:14:15 -0800 (PST) Subject: Re: Intel hardware bug To: freebsd-security@freebsd.org References: <20726.1515042417@segfault.tristatelogic.com> From: Steven Hartland Message-ID: Date: Thu, 4 Jan 2018 09:14:17 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20726.1515042417@segfault.tristatelogic.com> Content-Language: en-US Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jan 2018 09:14:20 -0000 On 04/01/2018 05:06, Ronald F. Guilmette wrote: > In message <2347560.AJVtGcUuTT@elisha.atlnet>, > Joey Kelly wrote: > >> ... >> No, I mean their lame excuses, dances around the truth, claiming many other >> platforms AND OPERATING SYSTEMS do it too. 'Tain't so. This is hardware, INTEL >> hardware, and not an OS problem... > While it is clearly true, even from the current very preliminary reports, that > this is indeed a hardware issue, rather than an OS issue, you may want to reserve > judgement about the possibility that this thing is confined only to Intel hardware. > > Intel, of course, has said that they believe that this bug may also affect > AMD and also ARM CPUs. (But then they would say that, wouldn't they?) But > AMD, for its part, has already put out a public statement saying that their > CPUs are not affected. > > So now, the other shoe that we should all be expecting to drop, any time now, > is some public statement from ARM Holdings, PLC. If one has already been issued > by that company, then Google News doesn't seem to be giving me any easy way to > find it, and there is nothing of relevance on the ARM corporate web site > (www.arm.com). So I suspect that they haven't said anything yet, which is > itself a rather ominous data point. They already have: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html > > If it turns out that this same bug, or same sort of bug, also affects ARM-based > chips, then that is quite possibly an even bigger deal than the already obvious > Intel cataclysm. > > > Regards, > rfg >