undefined | Better HN

0 pointsXorNot6y ago0 comments

Except that's objectively wrong - x86 virtualization breakouts have been extremely rare in practice, and fixable till recently.

The new class of attacks we now see target any type of shared code execution environment. OpenBSD is as vulnerable to this as anything else.

0 comments

astrange6y ago

OpenBSD disables hyperthreading, doesn't it? That's a smart defense against at least one of today's attacks. Doesn't help if you're a VM guest, but does if you're the host.

redrabbyte6y ago

there's a foreshadow-ng variant specifically for vms, and it's arguably the worst

j / k navigate · click thread line to collapse