On Jan 1st, @scarybeasts had a Eureka moment and figured it out. Broken speculation.
By January 3rd, 0400 Pacific, @dougallj had a partial repro. Then @brainsmoke with a full repro, just two hours later. By end of day the whole game was up. Why is this important? (2/4)
-
-
Prikaži ovu nit
-
Because the above shows very well that all this discussion of whether or not tools should be released boils down to the fact that no security team, no matter how big or great they are, can hope to be as FAST or complete as all of us, the whole security community, together. (3/4)
Prikaži ovu nit -
Whether it's trying to ban tool publishing, or squash jailbreakers, or DMCA complaints against hackers, or using the law to gatekeep the industry - if you're on the side of exclusion and secrecy and indefinite lock-down control, you're on the wrong side. (4/4)
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
Just out of curiosity, what was the nature of the opsec slip-up? Maybe I misunderstood
-
A patch modification submitted by AMD accidentally pointed out the specific problem that the X86_BUG_CPU_INSECURE kernel flag was being implemented for.
Kraj razgovora
Novi razgovor -
-
-
Remind me what bug this was? I vaguely remember it.
-
This was meltdown stuff if I remember correctly.
- Još 1 odgovor
Novi razgovor -
-
-
Tweet je nedostupan.
-
Believe it may be in reference to this: https://t.co/xQiJvO8ADQ https://twitter.com/jamiebishop123/status/1210722988376522754?s=21 …
- Još 2 druga odgovora
-
-
-
“NO info about it’s exploitation”? So there was no documentation ?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
Prikaži još odgovora, uključujući one koji mogu sadržavati uvredljiv sadržaj
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.