He does a good job of explaining these high provile vulnerabilities.
On Fri, 5 Jan 2018, Jonathan Morton wrote:
On 5 Jan, 2018, at 5:35 pm, dpr...@deepplum.com wrote:
Of course the "press" wants everyone to be superafraid, so if they can say "KVM is
affected" that causes the mob to start runn
> On 5 Jan, 2018, at 5:35 pm, dpr...@deepplum.com wrote:
>
> Of course the "press" wants everyone to be superafraid, so if they can say
> "KVM is affected" that causes the mob to start running for the exits!
Meanwhile, in XKCD land...
https://xkcd.com/1938/
- Jonathan Morton
the exits!
Summary: hardware virtualization appears to be a pragmatic form of isolation
that works. And thus many cloud providers are fine.
-Original Message-
From: "Jonathan Morton"
Sent: Friday, January 5, 2018 9:07am
To: "Dave Taht"
Cc: "dpr...@deeppl
> On 5 Jan, 2018, at 6:53 am, Dave Taht wrote:
>
> It took me a long while to digest that one. The branch predictor
> analysis of haswell was easiest to understand (and AMD claims to have
> an AI based one), and perhaps scrambling that at random intervals
> would help? (this stuff is now way abov
It took me a long while to digest that one. The branch predictor
analysis of haswell was easiest to understand (and AMD claims to have
an AI based one), and perhaps scrambling that at random intervals
would help? (this stuff is now way above my pay grade)
___
As I continue to study the Spectre bug, I read the Project Zero post about
POC's they developed for Spectre.
[
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
](
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
)
