From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A14801382C5 for ; Thu, 4 Jan 2018 21:15:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5F633E0A60; Thu, 4 Jan 2018 21:15:15 +0000 (UTC) Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D5D0AE0976 for ; Thu, 4 Jan 2018 21:15:14 +0000 (UTC) Received: by mail-wm0-x236.google.com with SMTP id a79so5694014wma.0 for ; Thu, 04 Jan 2018 13:15:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=JClIJGAIJUJKxuyXAcMT2DhbZBBmXvRrY+aZG0jMJSU=; b=XC92mBCEwZsOByCXL7fGGiTIKganM6S1pxqw0zmcnZRmxuVpH1GDXRJYzKVtJrF7ou AGzO1QjMIAggix6q8OPZFAChs7NyIgZdGizU5bZIecx05vVtNrqohBDCWhiktDlqmoIW O1JuwQVZKvBH488/PnmjSK20l7V49Q7b7CbRuM8Lw0ECwgf4HA0/qXYlCmtpOgFKLeRr vloDCYuvR4ml4ujxxuz+X2c5JPmt9mdeIN48c8MZ2xma4yNzuZOLDgw10HtaJnL1hjrk PvWWEIQ1H/+pRvQAF2uUjyDZVVZzMkKpgJZRChbY3X7UIkTjGFsv+6ZNmiIC9ruAJqhF 1Qgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=JClIJGAIJUJKxuyXAcMT2DhbZBBmXvRrY+aZG0jMJSU=; b=t0mChzR3652bxikY6W/iN1pN1yL8ICH4JKB69WRFNwmZdUjGydYP/ZmPN1KFXhSQG0 WpZhQI6eHgEg4xCxC/DfwSxKSJFrcy1fQmOSYbOEShgO/cfv6XwVjQtwXW9YSaD5nlUo 1QM0ToUYL+irbp+cdt2+bjzoQMRGMnvPuX7Y9eHY8GHFYKGGVGj6/hhecRQYklhRs0P2 g8U7pc/ouhkmCthbmRFyiO8ozFZJjp2IiwDQp0/a8Xtjlu9/RMHm8Yo37cqf4v9S6AZ+ nKzwo0lnOnHzz7rcVpOswrOO01MScJiRDn93iEUKTpGRP8iAYpCvy2urOdCOLyDMuej1 wxFQ== X-Gm-Message-State: AKGB3mIsON7oCVpdq9o9BePchHmU8Gkt1HP9ivdT41ds/S9pWifikCIi d6cOGHeI7JKhgwICLz5WP1+sHkcUfoEf73HJ4qVSmg== X-Google-Smtp-Source: ACJfBos9O5ewAgymvdl7vSRm409h2fswmyCz02f1yPkTF1k6T3ZBj1/REx3K6HtR94J2WSIweNq3j6YWMBlTCncZ2ic= X-Received: by 10.28.1.196 with SMTP id 187mr643061wmb.154.1515100513360; Thu, 04 Jan 2018 13:15:13 -0800 (PST) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.223.164.194 with HTTP; Thu, 4 Jan 2018 13:14:52 -0800 (PST) In-Reply-To: References: From: "Andrey F." Date: Thu, 4 Jan 2018 13:14:52 -0800 Message-ID: Subject: Re: [gentoo-user] Re: Spectre and Meltdown summary To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset="UTF-8" X-Archives-Salt: 34fa4581-0294-4626-99ac-987d248df424 X-Archives-Hash: 1fb93023bbd2eb4e7b672bf305c0d7e4 Thanks for the great summary! Having 2FA enabled for all accounts will go a long way as well. On Thu, Jan 4, 2018 at 4:21 AM, Adam Carter wrote: > Browser stuff > > I'm guessing this relates to Variant1; > @hackerfantastic "Blackhats will be weaponizing spectre to steal session > cookies from additional websites opened in the browser, especially financial > sites. Enable site isolation in Chrome now. > https://support.google.com/chrome/answer/7623121?hl=en-GB" > > Sounds like Mozilla will make some changes in Firefox 57 to make the attacks > more difficult; > "Our internal experiments confirm that it is possible to use similar > techniques from Web content to read private information" > https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ >