I have been doing some thinking, soul searching, whatever, and have decided I need to revisit some of my security decisions. I am all about making sure that I keep my systems safe but I am starting to question the numbers of tinfoil hats I have been wearing. I recently watched this video on YouTube by Red Robbo:
Looked at the documentation concerning this on SUSE.com
ACTUALLY read thru the CVEs and decided that I would turn the mitigations off on my laptop, NOT my server. If you look at the wording of the reports, it is littered with, “Local attacker”, “In theory”, “…a possible approach”, “could be made to leak”.
I have decided to write a bit about it here.
What do you think? I have historically been a security nut but maybe I have a few too many deadbolts on my doors and I have ripped a few off. I could be very wrong and I really want to hear what the community thinks of this.