Development issues regarding the cerowrt test router project
From: Dave Taht <dave.taht@gmail.com>
To: Outback Dingo <outbackdingo@gmail.com>
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] aarch64 exploit POC
Date: Sun, 7 Jan 2018 08:10:28 -0800
Message-ID: <CAA93jw6JQs+rwTPWC2kfQqY1YsYhffSFJbVkkSgYBnj74t=tnw@mail.gmail.com>
In-Reply-To: <CAKYr3zzs3-6u0p-OqnCR9N9p9eQW5au3ALmfY=9DaWH14AGR0w@mail.gmail.com>

On Sun, Jan 7, 2018 at 7:47 AM, Outback Dingo <outbackdingo@gmail.com> wrote:
> OH hell...  notifying all my "cohorts"...... thanks for the heads up

Then go drinking.

Aside from x86 arches (anyone have word on the x86 chip in the
pcengines?), it looks like the mips chips simply were not advanced
enough to have this level of speculation and out of order behavior.

The turris omnia and a few other high end arm chips in this part of
the embedded router space are also vulnerable (I'm hoping that the
lede folk can compile a list) - but - if you can execute *any*
malicious code as root on embedded boxes - which is usually the case -
you've already won.

The Mill, Itanium, MIPS, and older arms are ok. There are huge lists
being assembled on wikipedia, reddit, and elsewhere.

My own terror is primarily for stuff in the cloud. There IS a vendor
renting time on bare metal inexpensively, which I'm considering.

(example: https://www.packet.net/bare-metal/servers/type-2a/)

Ironically all the bufferbloat.net services used to run on bare metal,
until the competing lower costs of the cloud knocked isc.org out of
the business.



>
> On Sun, Jan 7, 2018 at 10:15 AM, Dave Taht <dave.taht@gmail.com> wrote:
>> https://plus.google.com/+KristianK%C3%B6hntopp/posts/6CduVXSy6Kd
>>
>> There comes a time after coping with security holes nonstop for 5 days
>> straight, when it is best to log off the internet entirely, stop
>> thinking, drink lots of rum, and go surfing.
>>
>> Today is that day, for me.
>>
>> --
>>
>> Dave Täht
>> CEO, TekLibre, LLC
>> http://www.teklibre.com
>> Tel: 1-669-226-2619
>> _______________________________________________
>> Cerowrt-devel mailing list
>> Cerowrt-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel



-- 

Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619
