item 16580981

grub5000|8 years ago
First hit for googling "Spectre Javascript POC": https://github.com/ascendr/spectre-chrome

therein|8 years ago
> Enable `#shared-array-buffer` in `chrome:///flags` under your own risk...

tptacek|8 years ago
SharedArrayBuffer was disabled exactly because vulnerabilities like this are easily exploitable (but there are POCs that don't depend on it).

ComputerGuru|8 years ago
It was only disabled as a mitigation to these specific attacks, in case you thought it was an experimental or "at your own risk" type of thing.

daira|8 years ago
Disabling SharedArrayBuffer is just stopping the most obvious method of exploitation; it's by no means a fix. Expect a slew of papers over the next few years on other methods of exploitation from JS.

mtgx|8 years ago
Every single browser had to disable that feature because of those flaws.