Hacker News

I can't figure out whether this means that OS-level mitigation of the problem doesn't prevent all avenues for exploitation. The headline implies it (and probably made it to the front page based on that implication) but TFA doesn't make it clear whether that's true.


Any branch on attacker-controlled data can be speculatively bypassed. You would have to at the very least recompile all applications to attempt to mitigate the two Spectre variants discussed so far.

Unless there is some way to turn off speculation entirely, but that would hurt performance badly.
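To make the "any branch on attacker-controlled data" point concrete, here is an added example (mine, not from this thread or from the Spectre paper): the classic variant 1 gadget next to a branch-free index clamp of the kind the Linux kernel uses as array_index_nospec(). The arrays, sizes and function names are constructed for illustration; the code shows the gadget shape and the fix, it does not run a cache-timing attack.

```c
#include <stddef.h>
#include <stdint.h>
#include <limits.h>
#include <stdio.h>

/* Constructed sample data (not from the thread): a small public array
 * and a large "probe" array whose cache lines a Spectre attacker would
 * later measure with Flush+Reload. Only the gadget shape matters here. */
#define ARRAY1_SIZE 16
#define CACHE_LINE  512          /* one line per possible byte value */
static uint8_t array1[ARRAY1_SIZE] = {
    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
};
static uint8_t array2[256 * CACHE_LINE];
static size_t array1_size = ARRAY1_SIZE;   /* lives in memory, like a real bound */

/* Fill the probe array so that array2[v * CACHE_LINE] == v; this only
 * makes the return values below easy to read. Returns lines filled. */
int probe_init(void)
{
    for (size_t i = 0; i < sizeof array2; i++)
        array2[i] = (uint8_t)(i / CACHE_LINE);
    return 256;
}

/* Spectre variant 1 gadget ("bounds check bypass"). Architecturally the
 * check is correct, but while array1_size is still being fetched the CPU
 * may predict the branch as taken, read array1[x] for an out-of-bounds x
 * (some secret byte), and touch array2[secret * CACHE_LINE]. That cache
 * line stays warm after the misprediction is squashed. */
uint8_t victim_vulnerable(size_t x)
{
    if (x < array1_size)
        return array2[array1[x] * CACHE_LINE];
    return 0;
}

/* Branch-free index clamp, same construction as the kernel's generic
 * array_index_mask_nospec(): all-ones when index < size, otherwise 0.
 * Being arithmetic rather than a branch, the predictor cannot skip it.
 * The empty asm keeps the compiler from dropping the mask because it
 * "knows" x is already in range on the architectural path. Relies on
 * arithmetic right shift of negative values (gcc/clang behaviour). */
static inline size_t array_index_mask_nospec(size_t index, size_t size)
{
    __asm__ __volatile__("" : "+r"(index));
    return (size_t)(~(intptr_t)(index | (size - 1UL - index))
                    >> (sizeof(intptr_t) * CHAR_BIT - 1));
}

/* Hardened version: an out-of-bounds x is forced to 0 before it can be
 * used as an index, even on the mispredicted path. (On x86 an lfence
 * after the branch is the other common fix; masking is arch-neutral.) */
uint8_t victim_hardened(size_t x)
{
    if (x < array1_size) {
        x &= array_index_mask_nospec(x, array1_size);
        return array2[array1[x] * CACHE_LINE];
    }
    return 0;
}

int main(void)
{
    probe_init();
    printf("in bounds:  vulnerable=%u hardened=%u\n",
           victim_vulnerable(3), victim_hardened(3));
    printf("mask(3,16)=%zx mask(16,16)=%zx\n",
           array_index_mask_nospec(3, 16), array_index_mask_nospec(16, 16));
    return 0;
}
```

Note what the example can and cannot show: a functional test only proves the two victims agree on in-bounds input and that the mask is right; whether the mitigation actually holds under speculation depends on the compiler keeping the mask in the emitted code, which is why the kernel version carries that optimizer barrier and why "recompile everything" is the honest cost.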


So why are the OSes bothering to patch anything?


There are (at least) two separate things going on. Meltdown, the flaw exclusive to Intel and some ARM CPUs, is very easy to exploit and is the one being patched by OS vendors.

Spectre is a whole other can of worms: on the one hand it's more tricky to exploit; on the other hand there might not be an easy fix, and people are speculating (no pun intended) that it will have to be dealt with in hardware.


Spectre works in JavaScript due to how aggressive the JIT is.

Chrome and Firefox are already working on solutions, as you cannot exploit the JIT if it generates code that ruins your timing, as far as I'm aware.

So that solves the problem for most people, but all other environments that allow execution of untrusted code also need to be updated.


The pun is apparently at least part of where the name comes from, as it exploits speculative computation.



