Things we should do for security but we probably won't: • ECC memory everywhere • Use in-order processors until we can prove speculation safe • Hardware isolation for private key storage and usehttps://twitter.com/gober/status/991985411571535872 …
-
-
Replying to @bmastenbrook
Isn't rowhammer is still possible with some ECC memory? Don't the Spectre patches fix cross-process memory reading so that unknown code execution is safe as long as it is isolated from secret data? I.e. don't run the JS engine in the same process as key storage.
1 reply 0 retweets 2 likes
Replying to @olddellian @bmastenbrook
Yes but harder. Just lowering the DRAM refresh interval (& other timings?) is a more reliable fix. Ideal is doing both.
11:18 AM - 3 May 2018
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.