-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Alex,
On 14/01/18 15:17, Alex Vong wrote: > Thank you. I have updated my kernel. For the browser part, I > currently run tor browser with security level set to high (so that > javascript is disabled by default). Maybe you can tell people on > #libreboot about this solution if you like. This is technically unrelated to Libreboot, even if it is an important issue. swiftgeek and I decided not to document anything about it on the site. In my opinion, GNU+Linux distributions should be the ones advising people, since all of the defense/mitigation is done there at that level. The implications at firmware level are non-existent (for instance, these attacks can't, to my knowledge, be used to actually run/modify malicious code, just read memory, so it's not as if some evil site could install malicious boot firmware in your system). - -- Leah Rowe Libreboot developer and project founder. Use free software. Free as in freedom. https://www.gnu.org/philosophy/free-sw.html Use a free BIOS - https://libreboot.org/ Use a free operating system, GNU+Linux. Support computer user freedom https://fsf.org/ - https://gnu.org/ Minifree Ltd, trading as Ministry of Freedom | Registered in England, No. 9361826 | VAT No. GB202190462 Registered Office: 19 Hilton Road, Canvey Island, Essex SS8 9QA, UK | Web: https://minifree.org/ -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE+JRrnG26iGmvPhSA/0W3TPnRz5QFAlpckVcACgkQ/0W3TPnR z5QjOgf/WGDpNZBYVuk+TxplF/Fq7D3dooTasbEEjjcPt8vnqCUZXHTKg9lZDrjd yCWFkhWvR3ZkTQSoxVMbinHvQg8iDH5ZMOae5KAjxlFVeKFVHvS79UpMwHEs6SE0 PZK5p18rD3g43U1C6ck4UCnKTeSmDmUWrcLqAXa0RAcT+jvnhLCn3b4vAnyxZKjj KguwmMGd0+vO4b22Na9lPA9HoHwDZEMYydr38n1x7U7ZYFw1XymfD9R9i/8+YksE ATbmiVx6Dk0IKHEVU2dtIDOi20fRJIqEKotXFR71TMSIfXOySTn61y1Y0aEziSsQ Cys1b3F9Tux8MwV8aB+mwNga3H/UBQ== =t2lW -----END PGP SIGNATURE-----
