Re: meltdown

To: tech-kern%NetBSD.org@localhost
Subject: Re: meltdown
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Date: Fri, 5 Jan 2018 08:10:30 -0500 (EST)

> If there's anything this issue showed is that we definitely need
> fewer people independently considering the issue and openly
> discussing their own (occasionally wrong) suggestions.

Actually, it seems to me we need more.  More minds looking at it, more
discussion of the various ramifications and workarounds.  Lack of
public discussion serves nobody at this point, possibly execpting
chip-makers trying to downplay their bugs.  The hardware bugs behind
these (that speculative execution doesn't make security checks
correctly and doesn't roll back all its side effects when annulled) are
so ubiquitous that the _correct_ fix - buying non-buggy hardware - is
close to impossible.  The only thing most people can do is try to find
workarounds.

I feel reasonably sure that, at this point, there are at least a few
exploitable side-channels and a few workarounds that aren't known
publicly (possibly at all), and more people thinking about them is the
only thing likely to fix that.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- meltdown
  - From: maya
- Re: meltdown
  - From: Phil Nelson
- Re: meltdown
  - From: Dave Huang
- Re: meltdown
  - From: maya

Prev by Date: Re: meltdown
Next by Date: Re: meltdown
Previous by Thread: Re: meltdown
Next by Thread: Re: meltdown
Indexes:

Home | Main Index | Thread Index | Old Index