From: "David W. Hodgins" 

On Fri, 05 Jan 2018 10:37:24 -0500, Virus  wrote:

> David W. Hodgins wrote:
>
>> Given this description of seeing full urls, etc, I take it back. It is
>> a critical problem, that will have be be mitigated asap.
>
> If I read that article correctly, they haven't actually tested the
> exploit against processors made earlier than 2011.
> That leaves a lot of socket 478/775 cpu's as yet to be proved vulnerable.

At this point, better to assume it affects all multi-core and cpus.

> I would think that speculative execution is a "quirky" function in a
> CPU, and that exactly how it operates depends a great deal on the
> specific CPU die we're talking about, and possibly the microcode
> revision it has?

It's a standard part of almost every cpu. It varies somewhat from model
to model, but the basics are the same.

> I would love to see an on-line proof-of-concept test for this.
> Naturally, something "white-hat" in nature.  Barring that, a safe,
> downloadable executable.

Agreed.

> If a meltdown exploit is running on a PC, wouldn't windows firewall
> prevent out-bound communication of meltdown-derived data from an
> infected PC to the outside world?

I do not have any windows systems installed, so will leave descriptions
of it's security, or lack thereof to people more familiar with it's newer
versions. I still occasionally help people with malware cleanup, but
prefer to avoid dealing with anything from Microsoft, as much as possible.

Regards, Dave Hodgins

-- 
Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
email replies.
--- NewsGate v1.0 gamma 2