Actually, as far as it concerns _personal_ computers, - as far as you allow a malicious code to run on your computer, - all bets are off, - with or without this vulnerability.
From what I've read so far (the actual information is still undisclosed),
in case of a personal computer, this vulnerability makes it easier to access _private_ information that might be protected through various ways,
e.g. stored passwords.
But a malicious program can, in principle, intercept all your keyboard input, in which case the passwords entered will be stolen.

IMHO, the impact is much stronger for shared computers, where, essentially, one user can access secrets of others. In a server environment, different users (including "root", the superuser) are "compartmentalized", so, one user cannot access anything of others,
The vulnerabilities in question open a vector of how that barrier
can be penetrated.

Smartphones, where many users install apps from questionable sources (even if it is on Google Play, it doesn't mean the app is trusted, but that's a separate issue) is also potentially a problem, despite only one user using the particular phone.

As for the US embassy, - have they opened one in NC yet? ;)



John Thu, 04 Jan 2018 10:47:14 -0800 wrote:

Just a heads up. I guess a lot of you already know more about this than I do, but I thought I'd share for the sake of the rest.

Apparently there's a bug in Intel CPUs since the Pentium Pro. It's also
possible it will affect AMD and ARM (Android Phone) CPUs.

Windows & Linux are both affected, and probably Mac OS because it runs on top of a flavor of Unix.

It's not panic time yet, because an attacker has to get you to run a malicious code before he can get into your system. But, you should step up your vigilance against phishing & other malware.

Here's what Google's security blog has to say about it:

Good luck ... and if I'm not back in three days, notify the American Embassy.

PDML Pentax-Discuss Mail List
to UNSUBSCRIBE from the PDML, please visit the link directly above and follow 
the directions.

Reply via email to