NYT front page says your car can blow up any minute, tells you to wait until Toyota and Ford can invent a new kind of factory
-
-
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I think you have to go back to bug _classes_, like the weaponization of heap overflows, to get something comparable.
-
There was a golden moment in 1995 where all of the sudden all of us knew how exploitable and common stack overflows were and everything in the world was broken. That’s what this feels like.
- Show replies
New conversation -
-
-
you were probably conceived in the joyful aftermath of that realization
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
sceptre and meltdown have some ready if unlikable mitigations, but this: http://www.zdnet.com/article/intel-weve-found-severe-bugs-in-secretive-management-engine-affecting-millions/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
"Stop using lead in petrol"
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
“Teardrop”, Boink”, and “Ping of death” back in 96/97. Although severity wise more of an unavaoidable denial of service issue than data access (or remote code execution). http://www.pentics.net/denial-of-service/smurf/980513_dos/sld009.htm …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Side channels in general are NOT easy to mitigate, achieving proper fault tolerance is even worse. These recent Spectre/Meltdown bugs belong to a subclass “side channel due to use of a shared resource” of class “side channel”. Remote exploitable side channels are not new either
-
NB: fault tolerance for reliability does not magically give fault tolerance for security. E.g. what my colleagues presented at FDTC 2017 last summer http://doi.ieeecomputersociety.org/10.1109/FDTC.2017.15 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.