GCC 7.3 Released! Includes fixes for #Spectre ! https://gcc.gnu.org/ml/gcc/2018-01/msg00197.html …
-
-
What has to be recompiled and what is simply supposed to work on a fully patched kernel/container

1 reply 0 retweets 0 likes -
It's not a fix, it's a workaround. Everything potentially affected must be compiled with the workaround in order to benefit.
1 reply 1 retweet 0 likes -
Aren't at-risk applications notably browsers? And doesn't the branch prediction version require both kernel and bios/uefi updates? Thank you for your support

1 reply 0 retweets 0 likes -
To be at-risk, the application must have valuable private data, attacker-controlled-data-dependent flow, and timing visible to the attacker. Browser example: auth tokens, js programs, and time apis+visible timing of network requests.
1 reply 1 retweet 1 like -
Replying to @RichFelker @giuliohome_2017 and
The canonical attacks are ones where the attacker-controlled "data" is code that runs in a sandbox/interpreter/jit, but...
1 reply 1 retweet 1 like
Soon after Spectre was announced, I speculated (pardon the pun) that it may be possible to exploit via data that nobody thinks of as "code" if there are ways to observe the timing of processing it. Nobody has PoCs for that AFAIK, though.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.