From owner-freebsd-questions@freebsd.org Wed Jan 10 09:41:31 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B19C7E753CB for ; Wed, 10 Jan 2018 09:41:31 +0000 (UTC) (envelope-from g8kbvdave@googlemail.com) Received: from mail-lf0-x235.google.com (mail-lf0-x235.google.com [IPv6:2a00:1450:4010:c07::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3BD756B28A; Wed, 10 Jan 2018 09:41:31 +0000 (UTC) (envelope-from g8kbvdave@googlemail.com) Received: by mail-lf0-x235.google.com with SMTP id e27so19062500lfb.9; Wed, 10 Jan 2018 01:41:31 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=hzUZqKmV5hHdGqBkTWZM5xGu1bC92taF56hzescPJPs=; b=WDayDiz98iSVdqWB0DB7u/ktmRoDZyRfkD/0HF/UMkMolUedF9rMFOHrfVPQUo4TNZ 1lbdeuo03wN5j8EUiTvRUQYT9O9iDd3Synp6Bv1WABm78teS4FBR6SjlV1jQNDoZAtYx oc2FpSL3gPKyZ9s+H/MKvbR1GLTJ1ohUDuP7qq69VFCQXj+xtbHF8HtXJyaZLpO5he76 FvP1Q5l+s9V7tmuG+zccNwGPgUzgKrcMKpqgVZQiOhJpSxu7qKSYh2f85qKXpmU+n4s2 pxMjGcLgJsexP1gGteHPJ2h6jx9jlQ2hCUlWCEGGd5R6mJnQ52HF4IoRDWDjCgu4vPDv FgCw== X-Gm-Message-State: AKwxytcFU6h3qpwNSol2NkBFWUT5o/07ev8ejQlKcsuhh/izjUmkORb2 uxBmiinyuZQl98qG5qOCr8fqnNdP X-Google-Smtp-Source: ACJfBot+dMFUow9I+XAsLhGXBTcZHmVUKrh4hU/llZoU7go+vCo6VlVB/1Xdww1ByYndAu4vedTe9Q== X-Received: by 10.25.76.214 with SMTP id z205mr9145966lfa.134.1515577288812; Wed, 10 Jan 2018 01:41:28 -0800 (PST) Received: from [192.168.2.55] ([217.41.35.220]) by smtp.gmail.com with ESMTPSA id r26sm2841637lfd.49.2018.01.10.01.41.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 10 Jan 2018 01:41:27 -0800 (PST) Subject: =?UTF-8?Q?Re:_32_bit_fix=3f_=28Was_Re:_Meltdown_=e2=80=93_Spectre?= =?UTF-8?Q?=29?= To: Ed Maste , freebsd-questions@freebsd.org References: <2e86bfd9-9141-2872-1946-0e9d26326433@googlemail.com> From: Dave B Message-ID: <6523f352-c895-e488-8006-76495907745a@googlemail.com> Date: Wed, 10 Jan 2018 09:41:26 +0000 User-Agent: Mozilla/5.0 (X11; Linux i686; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-GB X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jan 2018 09:41:31 -0000 Hi Ed. Understood.   There's "a lot" of FreeBSD based kit out there, running on 32 bit hardware.  A lot of NAS's for one.   (I don’t suppose any of those commercial "appliances" will ever be updated though.) But from my understanding, this problem has probably been present since 1995, and maybe even earlier.  There is a paper published somewhere that documents such issues, dated around 1992!  Awaiting for the SN645 show notes to be published, for that info. (Keep an eye on  https://www.grc.com/securitynow.htm ) The conclusion then, was that it was probably not a problem as would be "too difficult" to manipulate for any gain. The machines I have, are ex Win'2000 boxes, so are probably affected.   One of them was web facing.  It's not now! Best Regards. Dave B. (G0WBX) On 10/01/18 03:29, Ed Maste wrote: > On 9 January 2018 at 07:23, Dave B via freebsd-questions > wrote: >> When is a patch for i386 (32 bit) versions likely to be available? >> >> Regards. >> >> Dave B. >> >> (I only run non GUI 32 bit instances of FreeBSD, on older hardware, GPSD >> NTP machines etc.) > Similar techniques can be applied to i386, but they are a lower > priority and we don't yet have a timeline. I expect that i386 patches > will follow after the full set of mitigations have been applied to > amd64. > > Note that if the "older hardware" is old enough it may predate these issues.