For many many years, I've thought of my infosec friends with NoScript enabled by default as hopelessly paranoid. Today, I have NoScript enabled by default. It's actually not that painful.https://twitter.com/MalwareJake/status/948755289716772869 …
-
-
Replying to @whitequark
Disabling JIT should work just as well without any loss of functionality.
2 replies 0 retweets 0 likes -
Replying to @RichFelker @whitequark
Are you sure that with the pipeline deep enough and a good branch predictor the whole path in the *interpreter itself* cannot be speculatively executed with the data you want?
1 reply 0 retweets 1 like -
Replying to @astarasikov @whitequark
Not 100%. Branch-free interpreters are actually a topic of interest for me as one step to [the closest thing you can get to] portable constant-time code.
1 reply 0 retweets 2 likes
The "not 100%" is why I'm considering Spectre a fatal flaw that can't be solved with software and that requires trashing affected cpu models. But turning off JIT will make it a damn lot harder to exploit.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.