rysiek ✅ is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
rysiek ✅ @rysiek

Mozilla:
blog.mozilla.org/security/2018

"(...) Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins.

(...)

The resolution of performance.now() will be reduced to 20µs.
The SharedArrayBuffer feature is being disabled by default.

Furthermore, other timing sources and time-fuzzing techniques are being worked on."

· Web · 9 · 6
maloki @maloki

@rysiek this is good? Too technical for my brain right now.

maloki @maloki

@rysiek this is good? Too technical for my brain right now.

rysiek ✅ @rysiek

@maloki it's... what it is. Mozilla confirms that Spectre/Meltdown are exploitable via JS in a browser. And working on some fixes.

mastodon.social powered by Mastodon