✨ Feature Suggestion | Better explain the CPU vulnerability section #1669
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1669
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
Reddit points out that we don't have any explanation on what are CPU vulnerabilities and why the user should care about them, only instructions to enable mitigations on Linux.
Microcode package is not installed by default in all systems, including Debian that we list as a recommended OS, and the distributions also vary a lot on whether they enable all mitigations or what do they do with hyperthreading.
Security violations through hardware vulnerabilities are possible including remote code execution or malicious software managing to get access to information it's not supposed to access leading also to privacy violation.
From our recommendations Tails also uses full mitigation and I believe it's better the more widely the issue is discussed about.
@privacytoolsIO/editorial Thoughts?
Hmm, these are some good points raised; thanks @CHEF-KOCH. I do agree that this section could use some re-thinking and simplification. The current information is still valuable but maybe isn't the right fit for the general PrivacyTools audience. 🤔