
CPUs: information leak using speculative execution (2017) - runesoerensen
https://bugs.chromium.org/p/project-zero/issues/detail?id=1272
======
sweetishfish
I know this bug (and it is a bug Intel) is causing a lot of headaches for
people, but now that the details are out it's clear there is a good amount of
genius and ingenuity that goes into designing exploits like this. It's also
even clearer given the June 1, 2017 posting date that Intel knew about this
issue for some time. This should give more credence to people claiming insider
trading by Intel's CEO.

------
jamiesonbecker
Proof of concept sploits: [https://bugs.chromium.org/p/project-
zero/issues/attachment?a...](https://bugs.chromium.org/p/project-
zero/issues/attachment?aid=287306)

~~~
barsonme
(Just a warning for folks: it's a direct link to a .tar file, not a page with
a list of files you can download.)

~~~
saurik
(I haven't felt the need for such a warning since approximately 1998, when
people stopped relying so much on third-party web hosting via FTP, and
Content-Type fields were generally accurate. I recommend upgrading your web
browser: direct links to a tar file no longer cause the entire window to be
filled with line noise; and, if you try one of these newer graphical browsers,
even if that happens for some reason it doesn't mess up your TTY state.)

~~~
allannienhuis
It's courteous to let people know what they link is if it's 'unusual' (not a
web page or image), especially when the link is visually truncated.

For people on mobile devices, triggering a download of a large file
unexpectedly is annoying and uses up a typically limited resource.

