Louis Pearson desttinghimgame@gmail.com writes:
Has anybody else seen the recently published exploits Meltdown and Spectre? Here's a link: https://meltdownattack.com/
The thing about Meltdown/Spectre is that they're really only problems if you rely on sandboxing to run untrusted code.
This should be more incentive to run on fully free software. If the only code you run on your machine is free software, then there's essentially zero risk of Meltdown/Spectre being an issue. An important point to highlight is that this includes JavaScript that most people run in the browser. The JavaScript Trap [1] as Stallman explained a few years ago.
If people can take back control of their computing but running free software and moving off virtual servers to dedicated serveres or their own product like FreedomBox [2] then issues like meltdown/spectre don't matter.
[1] - https://www.gnu.org/philosophy/po/javascript-trap.ja-en.html [2] - https://freedomboxfoundation.org/