Reply to post: Re: Safe enough - IF no third party code

Should SANs be patched to fix the Spectre and Meltdown bugs? Er ... yes and no

Anonymous Coward
Anonymous Coward

Re: Safe enough - IF no third party code

If there is a "secret" engineering backdoor then this is a much significnat problem than spectre or meltdown.

If a device is not intended to allow execution of any software other than the device software then it is a catastrophic security failure if a means to do so is found. Once an attacker has the ability to run arbitrary code on a device not intended to do so then there are almost certainly much eaiser and more direct ways of accessing information than spectre or meltdown.

It makes a lot of sense that appliance manufacturers take this approach. They may do a good or bad job at it but that is a different question.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon