topic TLBleed - surely it would be ethical to patch it? in Tech Talk https://community.isc2.org/t5/Tech-Talk/TLBleed-surely-it-would-be-ethical-to-patch-it/m-p/15353#M510 <P>Interesting article appeared this morning:&nbsp; <A href="https://searchsecurity.techtarget.com/answer/How-does-TLBleed-abuse-the-Hyper-Threading-feature-in-Intel-chips" target="_blank">https://searchsecurity.techtarget.com/answer/How-does-TLBleed-abuse-the-Hyper-Threading-feature-in-Intel-chips</A></P><P>&nbsp;</P><P>If it well known, then surely the emphasis should be on the manufacturer to resolve it, and not place the responsibility on organisations to mitigate it?</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P> Mon, 08 Oct 2018 19:20:11 GMT Caute_cautim 2018-10-08T19:20:11Z TLBleed - surely it would be ethical to patch it? https://community.isc2.org/t5/Tech-Talk/TLBleed-surely-it-would-be-ethical-to-patch-it/m-p/15353#M510 <P>Interesting article appeared this morning:&nbsp; <A href="https://searchsecurity.techtarget.com/answer/How-does-TLBleed-abuse-the-Hyper-Threading-feature-in-Intel-chips" target="_blank">https://searchsecurity.techtarget.com/answer/How-does-TLBleed-abuse-the-Hyper-Threading-feature-in-Intel-chips</A></P><P>&nbsp;</P><P>If it well known, then surely the emphasis should be on the manufacturer to resolve it, and not place the responsibility on organisations to mitigate it?</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P> Mon, 08 Oct 2018 19:20:11 GMT https://community.isc2.org/t5/Tech-Talk/TLBleed-surely-it-would-be-ethical-to-patch-it/m-p/15353#M510 Caute_cautim 2018-10-08T19:20:11Z Re: TLBleed - surely it would be ethical to patch it? https://community.isc2.org/t5/Tech-Talk/TLBleed-surely-it-would-be-ethical-to-patch-it/m-p/15355#M512 <P>Ethics from a large company...? Devil’s advocate, sure, as Long as it doesn’t cost any money...</P><P>&nbsp;</P><P>I would say that enough OEM Customers would need to ask for this to be resolved - get server and desktop producers asking for it then we might see something. Sort of cash for a secure cache...&nbsp;</P><P>&nbsp;</P><P>This was at black hat and mitigation’s didn’t seem to impress Ben Gras:</P><P>&nbsp;</P><P><A href="http://www.eweek.com/security/tlbleed-side-channel-cpu-attack-detailed-at-black-hat" target="_self">http://www.eweek.com/security/tlbleed-side-channel-cpu-attack-detailed-at-black-hat</A></P><P>&nbsp;</P><P>maybe they will fix it going forward.</P> Mon, 08 Oct 2018 20:54:43 GMT https://community.isc2.org/t5/Tech-Talk/TLBleed-surely-it-would-be-ethical-to-patch-it/m-p/15355#M512 Early_Adopter 2018-10-08T20:54:43Z