[Semibug] OpenBSD vulnerable to Meltdown & Spectre?
Jonathan Drews
jondrews at fastmail.com
Wed Jun 7 15:24:06 EDT 2023
On Wed, Jun 07, 2023 at 01:36:03PM -0500, Kyle Willett wrote:
> Hi Jonathan,
>
> Disabling SMT has helped a lot in mitigating side channel attacks from
> what I've read on /r/OpenBSD when this question comes up. Disabling
> SMT is not a panacea from what I've read though. Combined with using
I have SMT enabled. There is a noticeable improvemnet in load times
for big programs like libreoffice. I had hoped that my pf firewall
would guard against these attacks. Here pf is a host based firewall.
> new processors with actual hardware mitigations and update microcode
> will get you almost to 100% protection. If you are still rocking say
> a gen 8 Intel chip then there is only so much that software can
My laptops use 8th gen Intel chips.
> mitigate. Keep in mind that apparently only Intel microcode is update
> in OpenBSD, not AMD (I didn't know this myself until I read it by some
> developers on the OpenBSD reddit page). So, if you have an AMD CPU
> like me in my OpenBSD laptop you have to install BIOS updates to get
> new security features.
>
Thanks for your input.
--
Kind regards,
Jonathan
More information about the Semibug
mailing list