1. 18

  2. 10

    Haha. “With this method, we can exploit the side effects of the Meltdown mitigations to break KASLR reliably.”

    1. 3

      CPU manufacturers have been ignoring security for a long time, relying on obscurity. My pessimistic observation is this:

      1. Some researchers look under a rock (i.e. CPU), find bad security.
      2. It becomes trendy to look under these rocks, other researchers join the fun.
      3. Repeat

      This may be a bit tautological, but if you want to find new vulnerabilities as a security researcher, it seems as simple as looking where others haven’t and aren’t, for whatever reason. And I think the nature of academia discourages this, so it’s not tough to think of.

      This comment may be a bit of an oversimplification. I know some things about security, but I’m by no means an expert. Am I wrong here?

      1. 2

        I’m no expert but I agree with the sentiment and think there is definitely truth in what you’re saying here.