[Cerowrt-devel] aarch64 exploit POC

Dave Taht dave.taht at gmail.com
Tue Jan 9 13:19:56 EST 2018


On Mon, Jan 8, 2018 at 7:57 AM, Jonathan Morton <chromatix99 at gmail.com> wrote:
>
>
>> On 8 Jan, 2018, at 5:49 pm, Dave Taht <dave.taht at gmail.com> wrote:
>>
>> Can I get a discount for running stuff I don't care about on obsolete
>> hardware? The 5 dollar insecurity special?
>
> You can pass command-line arguments to the kernel to turn off the retpoline and kpti patches.  Obviously, don't do that on a virtualised box, but you can do it on hardware you own and operate yourself with no untrusted code.

Not my point. it might be possible to buy time on hardware known to be
more secure, or (as I suggested)
get a discount for time on hardware known to insecure.

In other news:

https://lists.xenproject.org/archives/html/xen-devel/2018-01/msg00436.html

And I'm still waiting on a plan from linode.

https://blog.linode.com/

>  - Jonathan Morton
>



-- 

Dave Täht
CEO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-669-226-2619


More information about the Cerowrt-devel mailing list