From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt0-x243.google.com (mail-qt0-x243.google.com [IPv6:2607:f8b0:400d:c0d::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id B62113B2A4 for ; Sun, 7 Jan 2018 11:46:25 -0500 (EST) Received: by mail-qt0-x243.google.com with SMTP id i40so11115832qti.8 for ; Sun, 07 Jan 2018 08:46:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=m0UjIVzZp3ZuvqUIdp/yCxg8csvSgSyBJIANPHLdLUk=; b=SkHoLy0OxfhBZgCdJJah32yIPVkDbQPQIqJXFnxfPKpcEz7odqFo+A98nvDnNt5Rb0 TksnZLmNaxXU9RMEzB8YD3P3KD8wFkiLRbGwavidpjXc1y3VpSqcmoDy643ZX5wOT4i7 sVsd2vMBab7qqa3UE3+hNT1Qx4wjljhljUQ8kfOAvHGy5ZwFtxVzJA7MfGfqURwI0Vet WMRgeDSz57Qvn9LU8lru1BjcPrlUJ+DnqdS1KG5h74J+tqGsc8LJ3og3OdJ3CqwFWHeT BEXGufsHQ6aJTka+DFQoFaSwlSdfzJ0NH9C+V/VBG7Pt4Z2H95yR1TSxECYCB2V6l9tg 5hBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=m0UjIVzZp3ZuvqUIdp/yCxg8csvSgSyBJIANPHLdLUk=; b=miIxIf/RBZH/kTHOaKPFLwvChYy3B2qgYSngVDHrTPDmbmI0Nn9tzKnN9TEkSsUNji xmoNnM5FWpv18nlu3n/wBossZot4kalR/lL2uD+IneyDtxhbe4sHjdZuw0F74OHScYeG Sam4KWLppwFMf8oQSNUz9SdaiEBd6QXKxzQzIy6xBigiFPFG1ToHMeKKjSSJQiYBNObJ j+NRSfdErG9baWsmjqoHEt2rEFxi+p2gREUhmDVZWorETXcnLo+DbmfheZ4ihmjFyG0e p2E6pXQfvr+Gkl9kUaN1cTYm1RU1XI97Csek40gawkD/gFtcF1kc2cTJE4pS2sEYhZie Nusg== X-Gm-Message-State: AKwxytcE9BEVdwhiCcBLNoVZdo5iMpKNPMSiEZe0apVcObg6daQlNhRQ Gwffw15dxXn+nsLYHzbGrbFZGEp4uXU8aZDxj7A= X-Google-Smtp-Source: ACJfBossQUecNV6rbl0PClPP69LBgItC8E0qsGx3xEiy8et4iO2WksUEsuntaJtAsvLNFQIrroYiEwTgHO0X8d9jb5o= X-Received: by 10.200.42.80 with SMTP id l16mr12684011qtl.164.1515343585262; Sun, 07 Jan 2018 08:46:25 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.193.93 with HTTP; Sun, 7 Jan 2018 08:46:24 -0800 (PST) In-Reply-To: References: From: Dave Taht Date: Sun, 7 Jan 2018 08:46:24 -0800 Message-ID: To: Outback Dingo Cc: cerowrt-devel@lists.bufferbloat.net Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: Re: [Cerowrt-devel] aarch64 exploit POC X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Jan 2018 16:46:25 -0000 On Sun, Jan 7, 2018 at 8:21 AM, Outback Dingo wrot= e: > yes but i would think you would post it to the LEDE / OpenWRT lists also I'm not reading that email account of mine at the moment, and I'd hope folk over there are already all over this. I only logged in long enough to send out a happy new year to everyone. I was prepping to spend a few days finishing up the netem patches and maybe trying to submit cake again before the submission window closed, and then I made the mistake of inferring what the KPTI patches actually meant, and then this all happened. I'd like my vacation back, please. > On Sun, Jan 7, 2018 at 11:10 AM, Dave Taht wrote: >> On Sun, Jan 7, 2018 at 7:47 AM, Outback Dingo w= rote: >>> OH hell... notifying all my "cohorts"...... thanks for the heads up >> >> Then go drinking. >> >> Aside from x86 arches (anyone have word on the x86 chip in the >> pcengines?), it looks like the mips chips simply were not advanced >> enough to have this level of speculation and out of order behavior. >> >> The turris omnia and a few other high end arm chips in this part of >> the embedded router space are also vulnerable (I'm hoping that the >> lede folk can compile a list) - but - if you can execute *any* >> malicious code as root on embedded boxes - which is usually the case - >> you've already won. >> >> The Mill, Itanium, MIPs, and older arms are ok. There are huge lists >> being assembled on wikipedia, reddit, and elsewhere. >> >> My own terror is primarily for stuff in the cloud. There IS a vendor >> renting time on bare metal in-expensively, which I'm considering. >> >> (example: https://www.packet.net/bare-metal/servers/type-2a/) >> >> Ironically all the bufferbloat.net services used to run on bare metal, >> until the competing lower costs of the cloud knocked isc.org out of >> the business. >> >> >> >>> >>> On Sun, Jan 7, 2018 at 10:15 AM, Dave Taht wrote: >>>> https://plus.google.com/+KristianK%C3%B6hntopp/posts/6CduVXSy6Kd >>>> >>>> There comes a time after coping with security holes nonstop for 5 days >>>> straight, when it is best to log off the internet entirely, stop >>>> thinking, drink lots of rum, and go surfing. >>>> >>>> Today is that day, for me. >>>> >>>> -- >>>> >>>> Dave T=C3=A4ht >>>> CEO, TekLibre, LLC >>>> http://www.teklibre.com >>>> Tel: 1-669-226-2619 >>>> _______________________________________________ >>>> Cerowrt-devel mailing list >>>> Cerowrt-devel@lists.bufferbloat.net >>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel >> >> >> >> -- >> >> Dave T=C3=A4ht >> CEO, TekLibre, LLC >> http://www.teklibre.com >> Tel: 1-669-226-2619 --=20 Dave T=C3=A4ht CEO, TekLibre, LLC http://www.teklibre.com Tel: 1-669-226-2619