Well, actually, he geek-splains...
On Sat, Jan 6, 2018 at 4:38 AM, AndyHC andy@hawthorncottage.com wrote:
On 06-Jan-2018 1:50 AM, Ed Leafe wrote:
On Jan 5, 2018, at 9:00 AM, Ed Leafe ed@leafe.com wrote: ....And, of course, the required xkcd take on things:
-- Ed Leafe
<snip>
Well ... if you *need* to believe that software can patch hardware design faults....
It's a thumb in the dike, not a fix. Firmware updates and eventually new chip designs are necessary.
and you also believe that these clever patches have either (a) been written in 48 hours
No, under the rules of limited disclosure, the discoverers notified the hardware and software vendors some time ago, and the disclosure has been under embargo until such time as Microsoft and Google and Mozilla and Apple had patches ready to go.
or (b) been written well in advance *and* that's not
sinister....
While it's getting a bit long in the tooth (2014), "Countdown to Zero Day" by Kim Vetter has a good layperson's description of the zero day marketplace, and the white-, black- and grey-hat hackers who make serious money ($100,000 USD or more for root-level exploit, in some cases). Is it sinister? Absolutely. Like all marketplaces, there are good guys, there are bad guys and there are seriously-scary bad guys (and governments). In this case, some geeks figured out an obscure way to poke through the garbage pile that CPUs discard and build it into an exploit. And chose to make white-hat money.
- -now I know I've got a Sinclair Scientific calculator and a abacus
around here somewhere.....
Once I get my C=64 hooked up to the internet, I'll be all set!