Hacker News new | past | comments | ask | show | jobs | submit login

I use only noscript/basic (x)html browsers.

I heard from Zen3 silicon, spectre and friends are fixed.




Spectre as a general vulnerability class is NOT fixed. And you can write perfectly vulnerable-to-Spectre code in Rust, or anything you like. As long as there are "virtual" privilege separations under the same hardware privilege level, which is extremely common nowadays (hey, it's called sandbox). It would be vulnerable on ANY processor with speculative execution, including past, current and future Intel, AMD processors, M1, M2 and you name it. No need for JavaScript in browsers. Please just read the page, it's not browser specific.

In this case the only thing one can fix is, surprise, the vulnerable code!


Wow, it is even worse, with such well known silicon vulnerabities, it seems it is not legal to sell such CPUs in my country.


So rumors are wrong, or even worse, AMD lied.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: