By the way, these responses have been very thoughtful. I just wanted to
say thanks!
/*
* Michael R. Hines
* Staff Engineer, DigitalOcean.
*/
On 07/28/2018 08:44 AM, Michael Wojcik wrote:
From: Michael R. Hines [mailto:mrhi...@digitalocean.com]
Sent: Friday, July 27, 2018 19:06
Forgive the
On 07/27/2018 01:44 PM, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Jakob Bohm
Sent: Friday, July 27, 2018 11:52
And once you have done all that work to protect the cryptographic
library, the CPU vulnerability still allows the attacker to o
On 07/27/2018 09:12 AM, Michael Wojcik wrote:
We're trying to decide if we can avoid disabling hyperthreading, as our
measurements show that the performance losses (even with integer
workloads) are significant.
Might anyone be able to comment on this particular type of attack in
OpenSSL?
Ce
On 07/27/2018 08:35 AM, Michael Wojcik wrote:
Our team is trying to get an accurate understanding of whether or not
cryptographic libraries are vulnerable to the kind of non-constant-time
attack used by exploits such as the one recently documented here:
https://www.vusec.net/wp-content/uploads/
Good afternoon,
Our team is trying to get an accurate understanding of whether or not
cryptographic libraries are vulnerable to the kind of non-constant-time
attack used by exploits such as the one recently documented here:
https://www.vusec.net/wp-content/uploads/2018/07/tlbleed-author-prepri
