meltdown cache encryption

Miguel González miguel_3_gonzalez at yahoo.es
Mon Jan 29 18:59:45 UTC 2018


> 
> I'm loosely and remotely following what's happening on the Linux side
> so I may not be up to date but I believe that Meltdown and Spectre
> variant 1 are fixed/mitigated in latest releases. You should check
> what your Linux distribution has done in this area, but I believe all
> major vendors have "kernel" and "microcode" updates ready at this
> point.
> 
> In that case I believe Varnish would be safe, except for Spectre
> variant 2 that I think is almost ready but not there yet. Varnish
> Total Encryption not only helps mitigate Meltdown and Spectre that
> could happen on a "neighbor's VM", but goes the extra mile too.

Thanks for the info.

> 
>>> You should mostly be worried about Meltdown and Spectre if you are
>>> running Varnish on shared machines provided by a hosting company (aka
>>> cloud provider).
>>
>> I do myself host several sites, should I be worried then?
> 
> Get in touch with the hosting company, they'll know better than me
> about their business ;)

I mean I have my own VPS running Varnish on a dedicated server I own :)
Where you meaning that someone could get information on cloud instances
where Varnish is run for several cloud instances? I am not quite
grasping what you mean with "neighbor´s VM".

Thanks!

Miguel

---
This email has been checked for viruses by AVG.
http://www.avg.com



More information about the varnish-misc mailing list