Re: Meltdown – Spectre

Baho Utot baho-utot at
Mon Jan 8 12:28:51 UTC 2018

On 1/8/2018 4:15 AM, Aryeh Friedman wrote:
> On Mon, Jan 8, 2018 at 3:57 AM, Matthias Apitz <guru at> wrote:
>> As I side note, and not related to FreeBSD: My Internet server is run by
>> some webhosting company (, they use Ubuntu servers and since
>> yesterday they have shutdown SSH access to the servers argumenting that
>> they want
>> protect my (all's) servers against attacks of Meltdown and Spectre.
>> Imagine, next time we have to shutdown all IOT gadgets...
>   Not always possible for things like medical test equipment/devices.  For
> example I maintain a specialized EMR for interacting with Dr. prescribed
> remote cardiac monitors.   Having those off line is not an option since
> they are used to detect if the patient needs something more serious like a
> pace maker (also almost always a IoT device these days) surgery.
> The actual monitoring is done on Windows and was attacked by some
> ransomeware via a bit coin miner that somehow installed it self.   Since
> all the users claim that they don't read email/upload/download executables
> or any other of the known attack vectors this leaves something like
> Meltdown or Spectre.   We have also detected issues on the CentOS that has
> the non-medical corporate site on it.   The only machine left on touched on
> the physical server (running some bare metal virtualization tool) is the
> FreeBSD machine that runs the actual EMR we wrote.
> TL;DR -- It seems Linux and Windows already have issues with these holes
> but I have seen little to no evidence that FreeBSD (when run as a host).
> In general when ever any virtualization issue (like the bleed through on
> Qemu last year) comes up FreeBSD is the one OS that seems to be immune
> (thanks to good design of the OS and bhyve).   This is the main reason why
> I chose FreeBSD over Linux as the reference host for PetiteCloud.

This is not operating system specific,  read the papers on theses two. 
it attacks the cpu, usally through a JIT

More information about the freebsd-questions mailing list