Groups | Search | Server Info | Keyboard shortcuts | Login | Register
Groups > linux.debian.security > #5609
| From | Elmar Stellnberger <estellnb@gmail.com> |
|---|---|
| Newsgroups | linux.debian.security |
| Subject | Re: Intel Microcode updates |
| Date | 2019-06-22 14:30 +0200 |
| Message-ID | <ybNjz-1CL-3@gated-at.bofh.it> (permalink) |
| References | (1 earlier) <y7Eyd-52j-1@gated-at.bofh.it> <y7Srw-4S3-13@gated-at.bofh.it> <y7SBb-4VG-1@gated-at.bofh.it> <y7UjD-60r-9@gated-at.bofh.it> <y7Utj-64f-5@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
Just because you disable Javascript in your browser I would not trust that you will be save from arbitrary code execution. I am using Thunderbird as an email client and it has the same intrusion problem as the browsers running Javascript. The arbitrary binary code execution problem does to my believe more relate to common vulnerabilities like buffer overflows in the whole code than just to the Javascript subsystem which is of course an additional security risk. As long as the code base is changing rapidly and as long as new arbitrary code execution problems are discovered from time to time you are not save. The speed new bugs are moved in is simply higher than the speed by with some of the old bugs are corrected for browsers like Chromium or Firefox (I would not trust software from Google anyway as it is part of the empire of 'evil'.). Intelligence services usually use zero days exploits for which there is no known mitigation. If you wanna be save on a computer do not use an email client or web browser; at least not if it can connect to sites spoofed by secret services. To avoid connecting to a 1:1 mirror site of an intelligence service we would need an improvement of https certificate management like f.i. DANE provides. There are many rogue certificates issued for intelligence services out there and restricting your browser to use https does not help. Regards, Elmar Am 11.06.19 um 21:09 schrieb Andrew McGlashan: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi, > >> On 12/6/19 3:16 am, Holger Levsen wrote: >>> On Wed, Jun 12, 2019 at 03:05:13AM +1000, Andrew McGlashan >>> wrote: >>>> Exploiting the flaws needs malicious code to be running on your >>>> box. If you are in total control over all VMs and processes >>>> on the box, then you should be good. >>> do you use a webbrowser with javascript enabled? >> Good point, yes that is another risk. > Actually though, if you update your browser to lessen the granularity > of time that the exploits require, it might not be an issue. So, > don't run an out of date browser.... is that enough? > > Cheers > A. > -----BEGIN PGP SIGNATURE----- > > iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXP/8eAAKCRCoFmvLt+/i > +2AsAP4knXw4eLsVrlYm/CwuWJrhGC8FRVj4Uc09H0mR2ZDlhwD/RI/FDdLYiO9t > nNNga1FHGhCMj7v/rzJcZ/8iGrNrmqI= > =/5dj > -----END PGP SIGNATURE----- >
Back to linux.debian.security | Previous | Next — Previous in thread | Next in thread | Find similar
Intel Microcode updates Russell Coker <russell@coker.com.au> - 2019-06-10 06:10 +0200
Re: Intel Microcode updates Michael Stone <mstone@debian.org> - 2019-06-10 13:20 +0200
Re: Intel Microcode updates Davide Prina <davide.prina@gmail.com> - 2019-06-10 19:50 +0200
Re: Intel Microcode updates Michael Stone <mstone@debian.org> - 2019-06-10 20:40 +0200
Re: Intel Microcode updates Davide Prina <davide.prina@gmail.com> - 2019-06-11 20:10 +0200
Re: Intel Microcode updates Michael Stone <mstone@debian.org> - 2019-06-11 22:00 +0200
Re: Intel Microcode updates Russell Coker <russell@coker.com.au> - 2019-06-11 14:00 +0200
Re: Intel Microcode updates Henrique de Moraes Holschuh <hmh@debian.org> - 2019-06-11 04:20 +0200
Re: Intel Microcode updates Russell Coker <russell@coker.com.au> - 2019-06-11 14:00 +0200
Re: Intel Microcode updates Moritz Mühlenhoff <jmm@inutil.org> - 2019-06-11 14:30 +0200
Re: Intel Microcode updates Henrique de Moraes Holschuh <hmh@debian.org> - 2019-06-12 17:00 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-18 13:00 +0200
Re: Intel Microcode updates Henrique de Moraes Holschuh <hmh@debian.org> - 2019-06-23 22:30 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-23 22:40 +0200
Re: Intel Microcode updates Henrique de Moraes Holschuh <hmh@debian.org> - 2019-06-24 04:10 +0200
Re: Intel Microcode updates Davide Prina <davide.prina@gmail.com> - 2019-06-24 19:40 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-18 22:10 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-22 14:30 +0200
Re: Intel Microcode updates Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> - 2019-06-11 19:10 +0200
Re: Intel Microcode updates Holger Levsen <holger@layer-acht.org> - 2019-06-11 19:20 +0200
Re: Intel Microcode updates Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> - 2019-06-11 21:10 +0200
Re: Intel Microcode updates Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> - 2019-06-11 21:20 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-18 11:20 +0200
Re: Intel Microcode updates Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> - 2019-06-18 20:30 +0200
Re: Intel Microcode updates Rob van der Putten <rob@sput.nl> - 2019-06-20 14:40 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-18 22:10 +0200
Re: Intel Microcode updates Elmar Stellnberger <estellnb@gmail.com> - 2019-06-22 14:30 +0200
Re: Intel Microcode updates Davide Prina <davide.prina@gmail.com> - 2019-06-23 10:00 +0200
Re: Intel Microcode updates Lou Poppler <LouPoppler@cableone.net> - 2019-06-24 02:20 +0200
Re: Intel Microcode updates Davide Prina <davide.prina@gmail.com> - 2019-06-24 20:00 +0200
csiph-web