Announcement

Collapse
No announcement yet.

Google Engineers Argue For Linux "ASI" To Better Deal With Speculative Execution Attacks

Collapse
X
Collapse
 
  • Page of 4
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 template Next
  • #31
    Originally posted by NobodyXu View Post

    I remembered reading that the researcher was able to pull off a timing based attack in javascript...
    Before or after all the browsers added random noise to the JS accessible timers?

    Comment

    • #32
      Originally posted by carewolf View Post

      Before or after all the browsers added random noise to the JS accessible timers?
      Sorry but I do not remember the details.

      Comment

      • #33
        Originally posted by carewolf View Post

        Before or after all the browsers added random noise to the JS accessible timers?
        Overcoming (some) Spectre browser mitigations
        https://alephsecurity.com/2018/06/26/spectre-browser-query-cache/
        Overcoming (some) Spectre browser mitigations
        • Likes 2

        Comment

        • #34
          Originally posted by hotaru View Post

          most of the things people would want to steal (credentials, encryption keys, etc.) are only a few bytes. restarting your browser more than once per second is probably not something that most people would want to do.
          those information are small but I believe to identify the exact alignment of your interest you need much more. It's binary data after all.

          Comment

          Previous 1 2 3 4 template Next
          Working...
          X