Why don't they take security seriously???

Security researchers have found a new class of vulnerabilities in [Intel] chips which, if exploited, can be used to steal sensitive information directly from the processor.,

techcrunch .com/2019/05/14/zombieload-flaw-intel-processors/

Debian patch?
Whonix patch?
Qubes patch?

x86 is fucked… get used to these news

1 Like

Advantage to physical isolation?

Well, for starters that requires the Intel microcode update from Debian (already applied if you update daily). Since Whonix is Debian derivative, it is also already available.


Also, the Xen patch for Qubes(-Whonix) is about 2 weeks away for stable from memory - testing repos show everything is all clear after patch is applied (see Qubes users forums over there).

Schneier said when this first happened that you could bank on years of further related attacks, counter-measures and so on. The wiki notes there is no perfect hardware / software security, just layering to better protect yourself. Any truly advanced adversary who wants in, gets in.

1 Like

Whonix can’t patch this. You can’t apply microcode updates from a virtual machine. Unless you’re using physical isolation.