@jedisct1 not using OpenSSL is probably a good start ;)
There are more papers on the subject, and cache timing attacks can be used as a covert channel as well, but is there any practical defense?
-
-
-
@bascule It doesn't help against browser caches and DNS caches. - 1 more reply
New conversation -
-
-
@jedisct1 Constant time AES with the tables loaded into L1 and no pre-emption. Or hardware AES. Or a pony.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@jedisct1 Ask@hashbreaker - he's on top of it. You can attempt constant time code.@agl__ has some instrumentation too.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.