[j-nsp] [c-nsp] Meltdown and Spectre

Sebastian Becker sb at lab.dtag.de
Sat Jan 6 13:49:45 EST 2018


Same here. User that have access are implicit trusted. So no need for panic.

—
Sebastian Becker
sb at lab.dtag.de

> Am 06.01.2018 um 12:58 schrieb Gert Doering <gert at greenie.muc.de>:
> 
> Hi,
> 
> On Sat, Jan 06, 2018 at 12:04:22PM +0100, james list wrote:
>> For cve related to Meltdown and Spectre I'm wondering to know what are you
>> doing or going to do on your networking gears?
> 
> "Nothing"...
> 
> My networking gear does not execute external code (like, JavaScript),
> so the question "will untrusted external code be able to read secrets
> it should not see" is not overly relevant.
> 
> 
> Now, for those newfangled stuff where vendors think that you MUST HAVE
> VIRTUALIZATION! on the control plane, so YOU CAN RUN STUFF THERE!!! -
> we do not have any of those (yet), but if we had, we'd ask them for
> hypervisor patches...
> 
> gert
> 
> 
> --
> now what should I write here...
> 
> Gert Doering - Munich, Germany                             gert at greenie.muc.de
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20180106/cfce6021/attachment.sig>


More information about the juniper-nsp mailing list