Sujet : Re: Another security vulnerability
De : already5chosen (at) *nospam* yahoo.com (Michael S)
Groupes : comp.archDate : 25. Mar 2024, 14:53:06
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <20240325165306.0000260d@yahoo.com>
References : 1 2
User-Agent : Claws Mail 3.19.1 (GTK+ 2.24.33; x86_64-w64-mingw32)
On Mon, 25 Mar 2024 07:26:35 -0600
John Savard <
quadibloc@servername.invalid> wrote:
On Sun, 24 Mar 2024 10:40:18 -0700, Stephen Fuld
<sfuld@alumni.cmu.edu.invalid> wrote:
https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/
So, is there a way to fix this while maintaining the feature's
performance advantage?
While the article was pessimistic about fixing it by a microcode fix
that could be downloaded, the description didn't suggest to me that it
would be hard to correct it in future designs. Maybe my memory is
faulty.
John Savard
The description suggests that it wouldn't be hard to correct by
introduction of new mode bit that can be turned on and off by cryto
libraries.
That is not going to help existing binaries.
Now, personally I don't believe that for single-user platform like Mac
the threat is even remotely real and that any fix is needed. And I am
not even an Apple fanboy, more like a mild hater.