Apple is a better company than than Microsoft. I ask you this: how does Microsoft handle wiretap requests? How does Apple handle wiretap requests?<div><br></div><div>Does Microsoft sign any DLLs that is asked of them? It is curious that no journalist talks about common procedure. No doubt this “attacker” is defined the same as according to citizenlab someone acting without “any legal authorization”.<br><br>You dogs can smirk behind your laws, and overlook those violate those laws in a way pleasing to you, so I ask of the Lord to strike down an Azure datacenter by what cannot be attributed to any other power!<br><br><br>On Thursday, November 15, 2018, Microsoft Security Response Center &lt;<a href="mailto:secure@microsoft.com">secure@microsoft.com</a>&gt; wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">



<div>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2">Hello,</font></p>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2">Thank you for contacting the Microsoft Security Response Center (MSRC). In order to investigate your report I will need a valid proof of concept (POC) ideally with images or video, the detailed steps to reproduce the problem, and
 how an attacker could use it to exploit another user.</font></p>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2"><br>
</font></p>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2">When ready, submit a new email to <a href="mailto:secure@microsoft.com" target="_blank">secure@microsoft.com</a> <wbr>without a CRM number in the subject line. Please include:<br>
</font></p>
<ul style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<li class="MsoNormal" style="margin-left:0px"><font face="Verdana" size="2">Relevant information previously provided in your initial report</font></li><li class="MsoNormal" style="margin-left:0px"><font face="Verdana" size="2">Detailed steps required to consistently reproduce the issue</font></li><li class="MsoNormal" style="margin-left:0px"><font face="Verdana" size="2">Short explanation on how an attacker could use the information to exploit another user remotely</font></li><li class="MsoNormal" style="margin-left:0px"><font face="Verdana" size="2">Proof-of-concept (POC), such as a video recording, crash reports, screenshots, or relevant code samples</font><br>
</li></ul>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2">Regards,</font></p>
<p style="background-color:transparent;color:rgb(0,0,0);font-family:Times New Roman;font-size:16px;font-style:normal;font-variant:normal;font-weight:400;letter-spacing:normal;margin-bottom:0px;margin-left:0px;margin-right:0px;margin-top:0px;text-align:left;text-decoration:none;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
<font face="Verdana" size="2">Tina <br>
MSRC</font></p>
<br>
<div></div>
<br>
<font face="Tahoma, Verdana, Arial" size="2"><br>
------------------- Original Message -------------------<br>
<b>From:</b> <a href="mailto:ryacko@gmail.com" target="_blank">ryacko@gmail.com</a><br>
<b>Received:</b> Wed Nov 14 2018 09:34:48 GMT-0800 (Pacific Standard Time)<br>
<b>To:</b> &lt;Microsoft Security Response Center&gt;; Microsoft Security Response Center; Microsoft Security Response Center<br>
<b>Cc:</b> <a href="mailto:cypherpunks@lists.cpunks.org" target="_blank">cypherpunks@lists.cpunks.org</a><br>
<b>Subject:</b> X86 dispatch contention vulnerability CRM:0461068385</font><br>
<br>
While many x86 implementation vulnerabilities in the past involve either electromagnetic emissions or cache timing attacks, I have not read anything about instruction dispatch contention. According to anger fog’s research, Intel’s implementation of the x86
 instruction set does not dispatch more than three of a single instruction, and it has been so for a long time. Irregardless of their design decisions for instruction dispatch, this provides a side channel in which two cooperating processes operating on the
 same core can conduct half-duplex communication at the rate of 2 bits per cycle by one process attempting to compete with another process for the same capacity for dispatches over a single instruction (0, 1, 2, 3). While I do not have the resources to know <span><br>
<font face="Tahoma, Verdana, Arial" size="2" style="display:inline"></font></span>x86 processors handles dispatch contention issues, if it is handled in a regular and non-random manner, it would reach that theoretical level of severity.
<div><br>
</div>
<div>This violates certain access controls assumed to be imposed by the kernel.<br>
<div><br>
</div>
<div>I suppose I can’t collect my quarter million dollar prize if I publish this to the world?</div>
</div>
</div>

</blockquote></div>