[j-nsp] [c-nsp] Meltdown and Spectre

Gert Doering gert at greenie.muc.de
Sat Jan 6 06:58:33 EST 2018


Hi,

On Sat, Jan 06, 2018 at 12:04:22PM +0100, james list wrote:
> For cve related to Meltdown and Spectre I'm wondering to know what are you
> doing or going to do on your networking gears?

"Nothing"...

My networking gear does not execute external code (like, JavaScript),
so the question "will untrusted external code be able to read secrets
it should not see" is not overly relevant.


Now, for those newfangled stuff where vendors think that you MUST HAVE
VIRTUALIZATION! on the control plane, so YOU CAN RUN STUFF THERE!!! - 
we do not have any of those (yet), but if we had, we'd ask them for
hypervisor patches...

gert


-- 
now what should I write here...

Gert Doering - Munich, Germany                             gert at greenie.muc.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20180106/e08f3a38/attachment.sig>


More information about the juniper-nsp mailing list