<div dir="ltr">yes, I do know that much, I was hoping for some of the actual technical detail that is left out, particularly the password issues on the BMC. </div><br><div class="gmail_quote"><div dir="ltr">On Thu, Jul 12, 2018 at 5:21 AM R S <<a href="mailto:rene.shuster@bcsemail.org">rene.shuster@bcsemail.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div style="font-size:small;text-decoration-style:initial;text-decoration-color:initial">This advisory is one of the 10 released vulnerabilities published by Intel June 10th[1][2]. One of them is called Spectre v1.1 (Paper:<span> </span><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><a href="https://people.csail.mit.edu/vlk/spectre11.pdf" style="color:rgb(17,85,204)" target="_blank">https://people.csail.mit.edu/vlk/spectre11.pdf</a><span> </span>)</span>. At least 2 of the 10 vulnerabilities seem to be part of Intel's Bug Bounty Program, one of them worth $100k[3]. </div><div style="font-size:small;text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="font-size:small;text-decoration-style:initial;text-decoration-color:initial">[1] <a href="https://www.intel.com/content/www/us/en/security-center/default.html" style="color:rgb(17,85,204)" target="_blank">https://www.intel.com/content/www/us/en/security-center/default.html</a></div><div style="font-size:small;text-decoration-style:initial;text-decoration-color:initial">[2] <span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><a href="https://01.org/security/advisories/intel-oss-10002" style="color:rgb(17,85,204)" target="_blank">https://01.org/security/advisories/intel-oss-10002</a> </span></div><div style="font-size:small;text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">[3] </span><a href="https://hackerone.com/intel/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Abounty-awarded%20to%3Aintel" style="color:rgb(17,85,204)" target="_blank">https://hackerone.com/intel/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Abounty-awarded%20to%3Aintel</a></div><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jul 11, 2018 at 4:57 PM, ron minnich <span dir="ltr"><<a href="mailto:rminnich@gmail.com" target="_blank">rminnich@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">just wondering.</div>
<br>-- <br>
coreboot mailing list: <a href="mailto:coreboot@coreboot.org" target="_blank">coreboot@coreboot.org</a><br>
<a href="https://mail.coreboot.org/mailman/listinfo/coreboot" rel="noreferrer" target="_blank">https://mail.coreboot.org/mailman/listinfo/coreboot</a><br></blockquote></div></div><div class="gmail_extra"><br><br clear="all"><div><br></div>-- <br><div class="m_1664664982610173401gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">Tech III * AppControl * Endpoint Protection * Server Maintenance<br>Buncombe County Schools Technology Department Network Group<br><a href="http://comicsanscriminal.com" target="_blank">ComicSans Awareness Campaign</a></div></div></div></div></div></div>
</div></blockquote></div>