× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2018

RE: Meltdown and Spectre

From what I read the application that might try to do this also has to have high admin privileges and be locally installed. Which means a security officer would have to run an installer. We only install apps from IBM and long time trusted vendors. I don't think it would be possible for out outside attacker to take advantage on this flaw.

Mike Cunningham

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Vernon Hamberg
Sent: Friday, January 5, 2018 11:09 PM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: Meltdown and Spectre

As I understand it, this vulnerability is in the CPU itself - and that's below SLIC and PASE - apparently there's a way to intercept traffic within the CPU itself - something like that.

Cheers anyhow!
Vern

On 1/5/2018 5:35 PM, Paul Roy wrote:
I am also very surprised.. I thought IBM i has its own memory
management ... implemented in the SLIC.. with security bits and tags...
I am also surprised that we have to wait 5 weeks for the IBM i or AIX
patch ... while the patch is available for Linux..

Paul




From: Charles Wilt <charles.wilt@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 05/01/2018 17:23
Subject: Re: Meltdown and Spectre
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



Well that's quite surprising....

I'm no chip head...but I was expecting the POWER/IBMi to be immune
given the protections in place for it's shared address space vs
x86/windows single process VM.

I wonder if it's PASE specific issue...that I could see...

And given the usage of PASE in the OS now (networking, Java, ect) you
can't have IBMi w/o PASE like you used to be able to have OS/400
without PASE.

Charles

On Fri, Jan 5, 2018 at 6:35 AM, Diego Kesselman
<diegokesselman@xxxxxxxxx>
wrote:

Have you seen this?!?


https://www.ibm.com/blogs/psirt/potential-impact-processors-power-fami
ly/


El 5 ene. 2018 7:31 AM, "Darren Strong" <darren@xxxxxxxxx> escribió:

Last time I read about the subject, POWER processors were in-order
processors. This flaw sounds like its around the speculative
processing
used by x86, so I doubt the flaw affects POWER. Its also why there
is
talk
of x86 processor performance being affected by a patch. If they
disable
this speculative processing, it neuters a significant paradigm used
by these processors.


___________________________________
Darren Strong
Dekko

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please
take a moment to review the archives at
https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our
affiliate
link: http://amzn.to/2dEadiD


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: http://amzn.to/2dEadiD

________________________________
This email may contain confidential information about a Pennsylvania College of Technology student. It is intended solely for the use of the recipient. This email may contain information that is considered an “educational record” subject to the protections of the Family Educational Rights and Privacy Act Regulations. The regulations may be found at 34 C.F.R. Part 99 for your reference. The recipient may only use or disclose the information in accordance with the requirements of the Federal Educational Rights and Privacy Act Regulations. If you have received this transmission in error, please notify the sender immediately and permanently delete the email.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.