Re: [NF] Meltdown and Spectre CPU Flaw Information

On Tue, Jan 9, 2018 at 1:24 PM, Ted Roche wrote: > On Sun, Jan 7, 2018 at 5:27 AM, AndyHC wrote: > >> Having read El Reg's pretty good article [ >> http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ ] I >> would just take issue

Re: [NF] Meltdown and Spectre CPU Flaw Information

On Sun, Jan 7, 2018 at 5:27 AM, AndyHC wrote: > Having read El Reg's pretty good article [ > http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ ] I > would just take issue with the suggestion that the vulnerability could be > breached by Javascript

Re: [NF] Meltdown and Spectre CPU Flaw Information

On 07-Jan-2018 9:57 PM, Paul Hill wrote: Old cheesy related joke: Knock knock! Branch prediction Who's there? Like! --- StripMime Report -- processed MIME parts --- multipart/alternative text/plain (text body -- kept) text/html --- ___ Post

Re: [NF] Meltdown and Spectre CPU Flaw Information

Old cheesy related joke: Knock knock! Branch prediction Who's there? -- Paul ___ Post Messages to: ProFox@leafe.com Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list:

Re: [NF] Meltdown and Spectre CPU Flaw Information

Having read El Reg's pretty good article [ http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ ] I would just take issue with the suggestion that the vulnerability could be breached by Javascript (malign code in e.g. a jpg maybe, but not just javascript in a browser).

Re: [NF] Meltdown and Spectre CPU Flaw Information

Can software fix a hardware design fault? No, but you can work potentially around it by causing the processor to work in a different way. Also connecting a C64 to the internet is easier than you might think. -- Alan Bourke alanpbourke (at) fastmail (dot) fm On Sat, 6 Jan 2018, at 3:20

Re: [NF] Meltdown and Spectre CPU Flaw Information

Yes - I guess I could have answered my own question. I was mostly shocked at the concept. And - no - its SO Damn Cold up here in the NorthEast right now - that even Google is Frozen and doesn't work!!! :-) -K- On 1/6/2018 12:39 PM, Ed Leafe wrote: On Jan 6, 2018, at 10:57 AM, Kurt at

Re: [NF] Meltdown and Spectre CPU Flaw Information

On Jan 6, 2018, at 10:57 AM, Kurt at VR-FX wrote: > Will admit - I never heard of this RowHammer concept! Is it for Real? I > suspect so... Oh, they don't have Google in your area? Too bad! http://lmgtfy.com/?q=rowhammer -- Ed Leafe --- StripMime Report --

Re: [NF] Meltdown and Spectre CPU Flaw Information

Ed - that comic is pretty wild! Will admit - I never heard of this RowHammer concept! Is it for Real? I suspect so... -K- On 1/5/2018 3:20 PM, Ed Leafe wrote: On Jan 5, 2018, at 9:00 AM, Ed Leafe wrote: Here’s an excellent explanation of the problem, and how the exploits

Re: [NF] Meltdown and Spectre CPU Flaw Information

> On Sat, Jan 6, 2018 at 4:38 AM, AndyHC wrote: > >> Well ... if you *need* to believe that software can patch hardware design >> faults > It turns out, Microsoft very much agrees with Andy: "6. Why aren't Windows Server 2008 and Windows Server 2012 platforms

Re: [NF] Meltdown and Spectre CPU Flaw Information

Well, actually, he geek-splains... On Sat, Jan 6, 2018 at 4:38 AM, AndyHC wrote: > On 06-Jan-2018 1:50 AM, Ed Leafe wrote: >> >> On Jan 5, 2018, at 9:00 AM, Ed Leafe wrote: >> And, of course, the required xkcd take on things: >> >>

Re: [NF] Meltdown and Spectre CPU Flaw Information

This is similar to the old "What came first, viruses or antivirus software?" Laurie On 6 January 2018 at 09:38, AndyHC wrote: > On 06-Jan-2018 1:50 AM, Ed Leafe wrote: > >> On Jan 5, 2018, at 9:00 AM, Ed Leafe wrote: >> And, of course, the

Re: [NF] Meltdown and Spectre CPU Flaw Information

On 06-Jan-2018 1:50 AM, Ed Leafe wrote: On Jan 5, 2018, at 9:00 AM, Ed Leafe wrote: And, of course, the required xkcd take on things: https://xkcd.com/1938/ -- Ed Leafe Well ... if you *need* to believe that software can patch hardware design faults and you also

Re: [NF] Meltdown and Spectre CPU Flaw Information

At 00:28 2018-01-05, Alan Bourke wrote: These exploits are nasty but if they've been in Intel chips ever since they started implementing out-of-order execution in 1995 then surely if there was a serious real-world threat we would have seen it long ago? No.

RE: [NF] Meltdown and Spectre CPU Flaw Information

ch-boun...@leafe.com] On Behalf Of Alan Bourke Sent: Friday, January 05, 2018 2:28 AM To: profoxt...@leafe.com Subject: Re: [NF] Meltdown and Spectre CPU Flaw Information These exploits are nasty but if they've been in Intel chips ever since they started implementing out-of-order execution

Re: [NF] Meltdown and Spectre CPU Flaw Information

On Fri, Jan 5, 2018 at 3:20 PM, Ed Leafe wrote: > And, of course, the required xkcd take on things: > > https://xkcd.com/1938/ > And that's pretty much all you need to know! Happy Friday, folks! -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com

Re: [NF] Meltdown and Spectre CPU Flaw Information

On Jan 5, 2018, at 9:00 AM, Ed Leafe wrote: > Here’s an excellent explanation of the problem, and how the exploits work: > > https://twitter.com/gsuberland/status/948907452786933762 > > It’s a long thread, but then again, it’s a complex issue. And, of course, the required xkcd

RE: [NF] Meltdown and Spectre CPU Flaw Information

-Mensaje original- De: ProFox [mailto:profox-boun...@leafe.com] En nombre de AndyHC Enviado el: jueves, 04 de enero de 2018 18:46 Para: profox@leafe.com Asunto: Re: [NF] Meltdown and Spectre CPU Flaw Information Nah! - nothing to worry about here - just an old government backdoor into - er

RE: [NF] Meltdown and Spectre CPU Flaw Information

e goods passes to the buyer the seller shall be entitled at any time -Original Message- From: ProFox [mailto:profox-boun...@leafe.com] On Behalf Of AndyHC Sent: 05 January 2018 17:05 To: profox@leafe.com Subject: Re: [NF] Meltdown and Spectre CPU Flaw Information On 05-Jan-2018 7:27 PM, Alan Bou

Re: [NF] Meltdown and Spectre CPU Flaw Information

On 05-Jan-2018 7:27 PM, Alan Bourke wrote: I think it's more of a side effect of the principle of out of order execution, not everything is a conspiracy. That's been going on for a very long time - IBM were doing instruction pre-fetch in the 70's or early 80's --- StripMime Report --

Re: [NF] Meltdown and Spectre CPU Flaw Information

On Jan 5, 2018, at 2:28 AM, Alan Bourke wrote: > These exploits are nasty but if they've been in Intel chips ever since they > started implementing out-of-order execution in 1995 then surely if there was > a serious real-world threat we would have seen it long ago?

RE: [NF] Meltdown and Spectre CPU Flaw Information

If you are a HIPAA shop then I'm sure your IT team is paying proper attention to this. Hah! I AM the IT team. (I have a couple of part-time assistants who do help desk and maintenance, but I'm the CIO/SysAdmin/DBA/Systems Analyst/Code Monkey/chief cook and bottle washer. We have an

Re: [NF] Meltdown and Spectre CPU Flaw Information

I think it's more of a side effect of the principle of out of order execution, not everything is a conspiracy. -- Alan Bourke alanpbourke (at) fastmail (dot) fm On Fri, 5 Jan 2018, at 9:28 AM, AndyHC wrote: > On 05-Jan-2018 1:58 PM, Alan Bourke wrote: > > These exploits are nasty but if

Re: [NF] Meltdown and Spectre CPU Flaw Information

On 05-Jan-2018 1:58 PM, Alan Bourke wrote: These exploits are nasty but if they've been in Intel chips ever since they started implementing out-of-order execution in 1995 then surely if there was a serious real-world threat we would have seen it long ago? Unless it's been very carefully

Re: [NF] Meltdown and Spectre CPU Flaw Information

On 04-Jan-2018 11:47 PM, Ted Roche wrote: Also, kudos to Microsoft for shipping their patches a week early, and spontaneously rebooting idle Windows workstations while people were freaking out over the new exploits. Good job! ...  it's almost as if they're saying "here's one I prepared

Re: [NF] Meltdown and Spectre CPU Flaw Information

h [mailto:profoxtech-boun...@leafe.com] On Behalf Of Ken > >Dibble > >Sent: Thursday, January 04, 2018 1:35 PM > >To: profoxt...@leafe.com > >Subject: Re: [NF] Meltdown and Spectre CPU Flaw Information > > > >I just can't wait to see what it's going to do to m

RE: [NF] Meltdown and Spectre CPU Flaw Information

: Thursday, January 04, 2018 1:35 PM >To: profoxt...@leafe.com >Subject: Re: [NF] Meltdown and Spectre CPU Flaw Information > >I just can't wait to see what it's going to do to my highly >virtualized network--if I ever decide to let it through. Probably a >smaller version of what i

RE: [NF] Meltdown and Spectre CPU Flaw Information

: [NF] Meltdown and Spectre CPU Flaw Information I just can't wait to see what it's going to do to my highly virtualized network--if I ever decide to let it through. Probably a smaller version of what it's already started to do to some commercial cloud systems. Windows Automatic Updates: Just Say

RE: [NF] Meltdown and Spectre CPU Flaw Information

:35 PM To: profoxt...@leafe.com Subject: Re: [NF] Meltdown and Spectre CPU Flaw Information I just can't wait to see what it's going to do to my highly virtualized network--if I ever decide to let it through. Probably a smaller version of what it's already started to do to some commercial cloud

Re: [NF] Meltdown and Spectre CPU Flaw Information

I just can't wait to see what it's going to do to my highly virtualized network--if I ever decide to let it through. Probably a smaller version of what it's already started to do to some commercial cloud systems. Windows Automatic Updates: Just Say No. (TM) Also, kudos to Microsoft for

Re: [NF] Meltdown and Spectre CPU Flaw Information

Also, kudos to Microsoft for shipping their patches a week early, and spontaneously rebooting idle Windows workstations while people were freaking out over the new exploits. Good job! On Thu, Jan 4, 2018 at 12:27 PM, Ken Dibble wrote: > Hi folks, > > Ask Woody has a very

Re: [NF] Meltdown and Spectre CPU Flaw Information

Nah! - nothing to worry about here - just an old government backdoor into - er - everything. On 04-Jan-2018 10:57 PM, Ken Dibble wrote: Hi folks, Ask Woody has a very thorough report on this, with links to more information. We all need to be fully informed about this; it is going to affect