Yeah, we put performance bonds on everything from pencil sharpeners to bulldozers. In the past we were able to work out agreements with vendors. Some scale, some fail some just pass it on. In a tort friendly state we usually at least cover the cost of conversion.
In a message dated 1/11/2018 8:19:13 AM Central Standard Time, scott.chap...@epstrategies.com writes: Having said all that, if there is a chance of it being exploited, it will have to be mitigated. The question comes from how much of an impact that mitigation is going to have and whether it's made optional or not. (Some of the Linux mitigations can be selectively disabled.) If it's optional, then it comes down to a risk assessment, and it's going to take much more information before sites can make a choice. If it's not optional (or if the risk assessment indicates many sites need to enable the mitigation) and if the impact is more than a small single digit impact for typical workloads, then... this will get really "interesting". ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
