Hacker News new | past | comments | ask | show | jobs | submit login

According to the researchers in the paper[0] this is not true.

>We have verified that we can leak information across arbitrary address spaces and privilege boundaries, even on recent Intel systems with the latest microcode updates and latest Linux kernel with all the Spectre, Meltdown, L1TF default mitigations up (KPTI, PTE inversion, etc.). In particular, the exploits we discuss below exemplify leaks in all the relevant cases of interest: process-to-process, kernel-to-userspace, guest-to-guest, and SGX-enclave-touserspace leaks. Not to mention that such attacks can be built even from a sandboxed environment such as JavaScript in the browser, where the attacker has limited capabilities compared to a native environment.

[0] https://mdsattacks.com/files/ridl.pdf




I searched the the paper and it doesn't seem to falsify what I linked to, but I'll have to dig deeper into the research. "Recent Intel systems" isn't specific enough.


Page 16 in the slides[1] lists vulnerable processors, 8700K is one of them

[1] https://mdsattacks.com/slides/slides.html

edit: This is mentioned in the paper as well, on page 8




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: