
Skyfall and Solace are hoaxes - bcantrill
https://twitter.com/bcantrill/status/955515841218600960
======
bcantrill
We -- like most, I imagine -- didn't take this too seriously. On the other
hand, the original site was quite explicit (claiming that it had disclosed
information to chip and OS vendors), and given the highly asymmetric
disclosure of Spectre and Meltdown from Intel, we did spend (waste) time
verifying that this was a hoax; this was no more a "social experiment" than
yelling "fire!" in a crowded theater.

------
lou1306
Come _on_. Names are a necessity, even in research: call them "Speculative
execution vulnerabilities One and Two" and everybody will get confused.

Of course there is no real need for logos, but then again, if the guys who
find these bugs have some in-house art team, what's the big deal?

And by the way:

> If these particular vulnerabilities hadn't been given catchy names by the
> researchers that discovered them, would anyone have batted an eyelid ?

Maybe I'm the only one, but when they told me "Look, this process can read
inside the memory space of any other process, without authorization" I batted
my eyelids all the way, regardless of names.

------
thsowers
The entire post on [https://skyfallattack.com/](https://skyfallattack.com/)
comes off as preachy and defensive.

> Skyfall and Solace aren't hoaxes as such, but more of a social experiment

"social experiment" is a defendable position, but saying that this wasn't a
hoax is just incorrect. The site was a falsehood deliberately fabricated to
masquerade as the truth.

A few people got interested in the possibility of an attack, which is
understandable given the current climate, but I doubt that anyone took this
website seriously, more as just something to keep an eye on.

------
vardump
No kidding.

It was pretty obvious from the beginning.

[https://news.ycombinator.com/item?id=16175707](https://news.ycombinator.com/item?id=16175707)

