[j-nsp] [c-nsp] Meltdown and Spectre
Sebastian Becker
sb at lab.dtag.de
Sat Jan 6 13:49:45 EST 2018
Same here. User that have access are implicit trusted. So no need for panic.
—
Sebastian Becker
sb at lab.dtag.de
> Am 06.01.2018 um 12:58 schrieb Gert Doering <gert at greenie.muc.de>:
>
> Hi,
>
> On Sat, Jan 06, 2018 at 12:04:22PM +0100, james list wrote:
>> For cve related to Meltdown and Spectre I'm wondering to know what are you
>> doing or going to do on your networking gears?
>
> "Nothing"...
>
> My networking gear does not execute external code (like, JavaScript),
> so the question "will untrusted external code be able to read secrets
> it should not see" is not overly relevant.
>
>
> Now, for those newfangled stuff where vendors think that you MUST HAVE
> VIRTUALIZATION! on the control plane, so YOU CAN RUN STUFF THERE!!! -
> we do not have any of those (yet), but if we had, we'd ask them for
> hypervisor patches...
>
> gert
>
>
> --
> now what should I write here...
>
> Gert Doering - Munich, Germany gert at greenie.muc.de
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20180106/cfce6021/attachment.sig>
More information about the juniper-nsp
mailing list