|
|
|
|
|
|
by rdtsc
3086 days ago
|
|
|
> Things happen. It's impossible to predict every contingency. Normally I'd agree but not in this case. Notice that besides latest ARM it seems no other architecture is susceptible to Meltdown - s390x, SPARC, POWER, AMD etc. Speculatively loading and executing code across protection boundary is something someone should have thought twice about. Doesn't mean other vendors knew or had PoC examples, but they could have had an instinctive hunch. I've given this example before, say I have some sensitive data on a server. I could install a bunch of services and API endpoints on it, to access it faster, inspect it, extract it various formats etc. Or I could decide to lock it down and just install only the minimum number of needed things, locked everything down. Doesn't mean I knew all those additional APIs or services had vulnerabilities, but it's just a good practice. If the server gets hacked and someone looks back, I think they would be justified asking "What the hell were you thinking installing all that crap you didn't need on it". |
|
|