[c-nsp] [j-nsp] Meltdown and Spectre
Gert Doering
gert at greenie.muc.de
Mon Jan 8 04:01:25 EST 2018
Hi,
On Mon, Jan 08, 2018 at 09:32:23AM +0100, Thilo Bangert wrote:
> Den 06-01-2018 kl. 19:49 skrev Sebastian Becker:
> > Same here. User that have access are implicit trusted.
>
> You do have individual user accounts on the equipment, right?
>
> The idea of having secure individual logins goes down the drain with
> Meltdown and Spectre. You want to be sure that a person logged into a
> box cannot snoop the password of a co-worker.
Only if said person can execute *arbitrary* code. Which you can't on my
routers, no matter what sort of account I'm giving you.
gert
--
now what should I write here...
Gert Doering - Munich, Germany gert at greenie.muc.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20180108/e5b514ac/attachment.sig>
More information about the cisco-nsp
mailing list