• moxOP
    link
    fedilink
    English
    170
    edit-2
    8 months ago

    The second comment on the page sums up what I was going to point out:

    I’d be careful making assumptions like this ; the same was true of exploits like Spectre until people managed to get it efficiently running in Javascript in a browser (which did not take very long after the spectre paper was released). Don’t assume that because the initial PoC is time consuming and requires a bunch of access that it won’t be refined into something much less demanding in short order.

    Let’s not panic, but let’s not get complacent, either.

      • @booly@sh.itjust.works
        link
        fedilink
        English
        118 months ago

        Can’t fix the vulnerability, but can mitigate by preventing other code from exploiting the vulnerability in a useful way.