• mox@lemmy.sdf.orgOP
    link
    fedilink
    English
    arrow-up
    171
    ·
    edit-2
    9 months ago

    The second comment on the page sums up what I was going to point out:

    I’d be careful making assumptions like this ; the same was true of exploits like Spectre until people managed to get it efficiently running in Javascript in a browser (which did not take very long after the spectre paper was released). Don’t assume that because the initial PoC is time consuming and requires a bunch of access that it won’t be refined into something much less demanding in short order.

    Let’s not panic, but let’s not get complacent, either.

    • linearchaos@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      9 months ago

      I mean, unpatchable vulnerability. Complacent, uncomplacent, I’m not real sure they look different.

      • booly@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        11
        ·
        9 months ago

        Can’t fix the vulnerability, but can mitigate by preventing other code from exploiting the vulnerability in a useful way.