I told you so. https://github.com/marcan/speculation-bugs#future-speculation https://twitter.com/andywingo/status/1097418315570577408
Reminder: 10 bytes per second = your bank's authentication cookie in two seconds. From any random website running JavaScript. Shared address space VMs are dead. Firefox is a security risk until Project Fission is done. Should've started working on process isolation much earlier. pic.twitter.com/X40AiQp6TJ
(And don't get me started on terrible ideas like eBPF JIT in the kernel)
Speculation is something you can plausibly deal with in security-critical code (e.g. file parsers) with *very* careful use of barriers and such (and it's *hard*). But JITs? Yeah, no, you're screwed. You need process isolation (and that still has side channels).
this seems like a weird strawman proposal compared to e.g. freezing timers during execution of untrusted code / reducing the resolution of any remaining ones to ms levels
Freezing timers does not work. What are you going to do, warp wall clock time forever? Reducing resolution does not work, that's what the paper explains (you can amplify any effect). And you can always make a timer out of a thread and busyloops.