a new intel-specific CPU vulnerability has been discovered: cyberus-technology.de/posts/20

quick facts:
- can be used to leak data between processes, hyperthreads, SGX enclaves, etc
- effects core and xeon CPUs
- CPUs with meltdown mitigations are less effected, but still vulnerable
- this is a hardware issue - OS independent
- can be mitigated by disabling hyperthreading
- proof of concept - one thread is able to access URLs typed into firefox (a different thread)

Sign in to participate in the conversation
chickenfan.club

Jace's personal Mastodon instance