Subject: Re: [boost] Enabling spectre mitigation in boost libraries
From: degski (degski_at_[hidden])
Date: 2019-04-07 11:34:52

• Next message: Peter Dimov: "Re: [boost] [variant2] Comments on documentation"
• Previous message: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• In reply to: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• Next in thread: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• Reply: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"

On Sun, 7 Apr 2019 at 11:03, Rainer Deyke via Boost <boost_at_[hidden]>
wrote:

> I would go even further than that. If Microsoft, as an organization,
> feels that libraries should be compiled by with spectre mitigation by
> default, then it's up to the MSVC team to actually make that the
> default, without requiring extra command line arguments. Asking every
> user of MSVC to modify their build scripts in order to turn on spectre
> mitigation doesn't scale very well when there are millions of such users.
>

Hola, wait a sec here, most software doesn't need this mitigation. This
mostly relates to browsers from what I understand
<https://en.wikipedia.org/w/index.php?title=Spectre_(security_vulnerability)&action=edit&section=3>
or local machines that are compromised [but hey, then there are simpler
methods of getting your data].

degski

-- 
*Microsoft, please kill Paint3D*

• Next message: Peter Dimov: "Re: [boost] [variant2] Comments on documentation"
• Previous message: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• In reply to: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• Next in thread: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"
• Reply: Rainer Deyke: "Re: [boost] Enabling spectre mitigation in boost libraries"