[Arm-netbook] Meltdown and Spectre
Adam Van Ymeren
adam at vany.ca
Thu Jan 4 23:13:45 GMT 2018
Louis Pearson <desttinghimgame at gmail.com> writes:
> Has anybody else seen the recently published exploits Meltdown and Spectre?
> Here's a link: https://meltdownattack.com/
The thing about Meltdown/Spectre is that they're really only problems if
you rely on sandboxing to run untrusted code.
This should be more incentive to run on fully free software. If the
only code you run on your machine is free software, then there's
essentially zero risk of Meltdown/Spectre being an issue. An important
point to highlight is that this includes JavaScript that most people run
in the browser. The JavaScript Trap [1] as Stallman explained a few
years ago.
If people can take back control of their computing but running free
software and moving off virtual servers to dedicated serveres or their
own product like FreedomBox [2] then issues like meltdown/spectre don't
matter.
[1] - https://www.gnu.org/philosophy/po/javascript-trap.ja-en.html
[2] - https://freedomboxfoundation.org/
More information about the arm-netbook
mailing list