Intel hardware bug

[K. Macy]

On Fri, Jan 5, 2018 at 11:11 AM, Cy Schubert <Cy.Schubert at cschubert.com> wrote:
> According to a Red Hat announcement, Power and Series z are also vulnerable.
>

Link?


> ---
>
> -----Original Message-----
> From: Eric McCorkle
> Sent: 05/01/2018 04:48
> To: Jules Gilbert; Ronald F. Guilmette; Freebsd Security; Brett Glass; Dag-Erling Smørgrav; Poul-Henning Kamp; freebsd-arch at freebsd.org; FreeBSD Hackers; Shawn Webb; Nathan Whitehorn
> Subject: Re: Intel hardware bug
>
> On 01/05/2018 05:07, Jules Gilbert wrote:
>> Sorry guys, you just convinced me that no one, not the NSA, not the FSB,
>> no one!, has in the past, or will in the future be able to exploit this
>> to actually do something not nice.
>
> Attacks have already been demonstrated, pulling secrets out of kernel
> space with meltdown and http headers/passwords out of a browser with
> spectre.  Javascript PoCs are already in existence, and we can expect
> them to find their way into adware-based malware within a week or two.
>
> Also, I'd be willing to bet you a year's rent that certain three-letter
> organizations have known about and used this for some time.
>
>> So what is this, really?, it's a market exploit opportunity for AMD.
>
> Don't bet on it.  There's reports of AMD vulnerabilities, also for ARM.
> I doubt any major architecture is going to make it out unscathed.  (But
> if one does, my money's on Power)
> _______________________________________________
> freebsd-arch at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-arch
> To unsubscribe, send any mail to "freebsd-arch-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-arch at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-arch
> To unsubscribe, send any mail to "freebsd-arch-unsubscribe at freebsd.org"