Announcement

Collapse
No announcement yet.

Google Engineers Argue For Linux "ASI" To Better Deal With Speculative Execution Attacks

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Originally posted by NobodyXu View Post

    I remembered reading that the researcher was able to pull off a timing based attack in javascript...
    Before or after all the browsers added random noise to the JS accessible timers?

    Comment


    • #32
      Originally posted by carewolf View Post

      Before or after all the browsers added random noise to the JS accessible timers?
      Sorry but I do not remember the details.

      Comment


      • #33
        Originally posted by carewolf View Post

        Before or after all the browsers added random noise to the JS accessible timers?
        https://alephsecurity.com/2018/06/26...r-query-cache/

        Comment


        • #34
          Originally posted by hotaru View Post

          most of the things people would want to steal (credentials, encryption keys, etc.) are only a few bytes. restarting your browser more than once per second is probably not something that most people would want to do.
          those information are small but I believe to identify the exact alignment of your interest you need much more. It's binary data after all.

          Comment

          Working...
          X