*waits for breathless press coverage of Netspectre*
I don't think that exfiltrating data is the goal here. Think metadata instead of data. The paper outlines (section 6.2.1) an attack that can remotely bypass ASLR in 2 hours.
-
-
yep, but in terms of doing anything particularly useful in a practical sense, I don't see it.
-
A remote bypass of ASLR is quite useful, IMO. It's important to think of vulnerabilities not always as what they can do in a vacuum, but how they may be useful to an attacker in combination with something else.
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.