Archives
Archives
| From: | "Andrey F." <ma3oxuct@×××××.com> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] Re: Spectre and Meltdown summary | ||
| Date: | Thu, 04 Jan 2018 21:15:27 | ||
| Message-Id: | CAD7sfFzdPWAKxqy6XwL7083C6Rx5RjBZNvpPQGpoQDXn+uvXmA@mail.gmail.com | ||
| In Reply to: | [gentoo-user] Re: Spectre and Meltdown summary by Adam Carter |
||
| 1 | Thanks for the great summary! Having 2FA enabled for all accounts will |
| 2 | go a long way as well. |
| 3 | |
| 4 | On Thu, Jan 4, 2018 at 4:21 AM, Adam Carter <adamcarter3@×××××.com> wrote: |
| 5 | > Browser stuff |
| 6 | > |
| 7 | > I'm guessing this relates to Variant1; |
| 8 | > @hackerfantastic "Blackhats will be weaponizing spectre to steal session |
| 9 | > cookies from additional websites opened in the browser, especially financial |
| 10 | > sites. Enable site isolation in Chrome now. |
| 11 | > https://support.google.com/chrome/answer/7623121?hl=en-GB" |
| 12 | > |
| 13 | > Sounds like Mozilla will make some changes in Firefox 57 to make the attacks |
| 14 | > more difficult; |
| 15 | > "Our internal experiments confirm that it is possible to use similar |
| 16 | > techniques from Web content to read private information" |
| 17 | > https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ |
| 18 | > |
| Subject | Author |
|---|---|
| Re: [gentoo-user] Re: Spectre and Meltdown summary | Adam Carter <adamcarter3@×××××.com> |