footwork historian

CPU Vulns are now public. There are two distinct vulns, in summary:

Meltdown: Memory accesses executed out of order after faults are leaked into caches. "Fixed" by KAISER at the cost of far slower switches between kernel and userspace. Mostly specific to Intel processors.

Spectre: Speculatively executed instructions on branch mispredictions can leak the address space through caches. No fix available it seems, and it affects Intel, AMD, & ARM processors. Possible to exploit from within browser sandboxes.

and by "no fix available" I mean there's no single thing to mitigate Spectre without absolutely fucking processor performance. The articles you read about the performance impacts of mitigating the "Intel bug" were about KAISER and Meltdown, and mitigating Spectre will likely make those performance losses look small time

Install NoScript. Don't run code you don't trust.

Sign in to participate in the conversation mastodon

A generalistic Mastodon instance hosted in France, open to all and available since the 9 April 2017. Learn about the instance information and guidelines.