Potential band-aid for Meltdown

Mike Tancsa mike at sentex.net
Thu Jan 4 15:58:24 UTC 2018


On 1/4/2018 10:27 AM, Eric McCorkle wrote:
> I was thinking over meltdown mitigations this morning, and a thought
> occurred to me (which falls in line with general ideas I've been pursuing)

A pretty neat idea.  But in terms of keeping crypto keys safe, why not
something behind a pkcs11 interface (e.g. eToken) or tpm ?

	---Mike
> 
> I realize it's not a perfect solution by far, but it would provide some
> level of mitigation (especially for things like GELI) that could hold
> people over until they can replace their hardware.



-- 
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/


More information about the freebsd-security mailing list