(Also, @tqbf gave some helpful feedback that the piece could be interpreted to be against optimization. This isn't a "how to fix it" piece, but to the degree there are suggestions for design, it is isolation, separation, and crucially, integrated security-analysis across layers.)
-
-
Show this thread
-
As an ordinary user, the most important thing you can do against
#spectre and#meltdown is to update your software and to install an ad-blocker like uBlock Origin. Realistically, the end-user threat is malvertisement. https://www.nytimes.com/2018/01/06/opinion/looming-digital-meltdown.html …pic.twitter.com/RDj3aTbFvg
Show this thread -
Here's
@ncweaver explaining why blocking ads is a crucial security measure. Subscribe to newspapers (not just national ones), donate, support or pay for your favorite sites (even if a few dollars! They make so little money from ads!), and *block* ads. https://www.lawfareblog.com/spectre-advertising-meltdown-what-you-need-know …pic.twitter.com/VWmUXJm2hJ
Show this thread -
Yes. Good points. https://twitter.com/webinista/status/950040501486432258 …
This Tweet is unavailable.Show this thread -
The biggest
#spectre threat on the end user side is malvertisement. Ads are not vetted and they execute remote code. Fixing the ad mess is a security issue. Meanwhile, install an adblocker like Ublock Origin, and subscribe or contribute to your favorite sites.Show this thread -
And malvertisement is a separate, independent threat from what I talk about here in terms of downsides ads.https://twitter.com/tedtalks/status/950361029606854656 …
Show this thread
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Is what you are saying in the OpEd even possible in the current internet? The beauty of our net-neutral internet is it's messiness. Seems like we need an isolated, built from ground up secure second network.
-
We do not need a new network What we need is a mode where we can run secure private actions It would require serious involvement from the user (multi-factor authentication, hardened browsers, etc..) and many tools (such as Javascript) would not be allowed
End of conversation
New conversation -
-
-
Today's microprocessors, with speculative execution and other complexities, are so complex, its difficult to imagine anyone understanding them well enough to provide security. Same for a lot of software. And many of the features we have today don't make us more productive.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.