On Fri, Jan 5, 2018 at 11:37 AM, K. Macy <[email protected]> wrote: > On Fri, Jan 5, 2018 at 11:11 AM, Cy Schubert <[email protected]> > wrote: >> According to a Red Hat announcement, Power and Series z are also vulnerable. >> > > Link?
Spectre yes. Meltdown no. Spectre is a problem but much harder to exploit. It's Intel's handling of meltdown that is seriously grounds for table flipping. https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/ > > >> --- >> >> -----Original Message----- >> From: Eric McCorkle >> Sent: 05/01/2018 04:48 >> To: Jules Gilbert; Ronald F. Guilmette; Freebsd Security; Brett Glass; >> Dag-Erling Smørgrav; Poul-Henning Kamp; [email protected]; FreeBSD >> Hackers; Shawn Webb; Nathan Whitehorn >> Subject: Re: Intel hardware bug >> >> On 01/05/2018 05:07, Jules Gilbert wrote: >>> Sorry guys, you just convinced me that no one, not the NSA, not the FSB, >>> no one!, has in the past, or will in the future be able to exploit this >>> to actually do something not nice. >> >> Attacks have already been demonstrated, pulling secrets out of kernel >> space with meltdown and http headers/passwords out of a browser with >> spectre. Javascript PoCs are already in existence, and we can expect >> them to find their way into adware-based malware within a week or two. >> >> Also, I'd be willing to bet you a year's rent that certain three-letter >> organizations have known about and used this for some time. >> >>> So what is this, really?, it's a market exploit opportunity for AMD. >> >> Don't bet on it. There's reports of AMD vulnerabilities, also for ARM. >> I doubt any major architecture is going to make it out unscathed. (But >> if one does, my money's on Power) >> _______________________________________________ >> [email protected] mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-arch >> To unsubscribe, send any mail to "[email protected]" >> >> _______________________________________________ >> [email protected] mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-arch >> To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
