Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 21 Jun 2018, 03:11
All times are UTC - 4
 Forum index » Off-Topic Area » Security
RASPBERRY PI NOT AFFECTED BY SPECTRE OR MELTDOWN BUGS
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
slavvo67

Joined: 12 Oct 2012
Posts: 1529
Location: The other Mr. 305

PostPosted: Fri 02 Feb 2018, 00:50    Post subject:  RASPBERRY PI NOT AFFECTED BY SPECTRE OR MELTDOWN BUGS  

According to an article at RaspberryPi.org, no versions of the Pi are affected by Spectre or Meltdown. Does that make the Pi the safest machine in my house? They seem to think so. Personally, something just doesn't feel right about doing personal banking through a Pi. Just a personal thought. Anyway, for those interested, the link is below.

https://www.raspberrypi.org/magpi/raspberry-pi-spectre-meltdown/


slavvo67
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1570
Location: N.E. USA

PostPosted: Fri 02 Feb 2018, 01:48    Post subject:  

I distinctly remember in my readings that the ARM Cortex-7 is not vunerable, but there are versions using Big/Little as in the 52 and 57 versions that partially are (IIRC Spectre). I will have a look at the ARM security page(s) again... right now running SSL Server test on Raspberrypi.org. My browser says too low a security setting, and won't open.

EDIT #1... ARM

A comparison of cores provided indicates that when alone the A5, A7 and A8 cortex models do not have Out of Order Execution (OOOE). All others above A8 (notably A9, A12, and A15) allow OOOE.
Therefore, Big/Little setups (A7 + A12 or A15) are indeed partially vunerable due to OOOE in Big.

Edit #2 raspberrypi.org

is using dhe rather than ecdhe. This is weak, and slow. Both iPv4 servers will handshake SSL2 but not support SSL2/3. TLS 1.0/1.1/1.2 allowed. Furthermore, google will pull support and declare unsafe as of Mar. 2018. MHO They better get it together security-wise./MHO

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
slavvo67

Joined: 12 Oct 2012
Posts: 1529
Location: The other Mr. 305

PostPosted: Fri 02 Feb 2018, 03:10    Post subject:  

8Geee:

Here's further explanation if you're interested:

https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0884s ][ Queries: 12 (0.0149s) ][ GZIP on ]