Date: Thu, 04 Jan 2018 15:49:41 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Eric McCorkle <eric@metricspace.net> Cc: freebsd-security@freebsd.org Subject: Re: Intel hardware bug Message-ID: <86zi5tu1a2.fsf@desk.des.no> In-Reply-To: <0bb7ffc6-fa51-98db-9dc1-1bd49e1c7b44@metricspace.net> (Eric McCorkle's message of "Wed, 3 Jan 2018 22:01:45 -0500") References: <19097.1515012519@segfault.tristatelogic.com> <02563ce4-437c-ab96-54bb-a8b591900ba0@FreeBSD.org> <7C58A6DB-0760-4E5A-B65D-2ED6A6B7AAD2@acsalaska.net> <867esy2vwz.fsf@desk.des.no> <0bb7ffc6-fa51-98db-9dc1-1bd49e1c7b44@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Eric McCorkle <eric@metricspace.net> writes: > Given enough skill, resources, and motivation, it's likely that an > attacker could craft a javascript-based version of the attack, then > every javascript website (aka all of them) is a potential attack vector. Uh, this has already been demonstrated. According to Google, Chrome 64 (to be released in a few days) includes countermeasures against it. I don't have any further details. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86zi5tu1a2.fsf>