Intel hardware bug

John-Mark Gurney jmg at funkthat.com
Sat Jan 6 20:14:20 UTC 2018


Ronald F. Guilmette wrote this message on Fri, Jan 05, 2018 at 12:17 -0800:
> If the meltdown or spectre (or both) attacks are based on careful analysis
> of timing information, following a memory fault, then why just just introduce
> a very tiny delay, of randomized duration, in the relevant kernel fault handler,
> following each such fault?

Randomization only makes it harder, not impossible to detect the timing
impact.  You just need to collect more samples to average out the noise.

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."


More information about the freebsd-security mailing list