« Ah, modern times | Main | Progress! »

Saturday, 06 January 2018


The Kernel might not store plaintext passwords for very long, but it might have to have the results of a cryptographic handshake, a short term session key or a disk encryption key.

The attacks are timing attacks against speculative execution. You're never able to directly read the wrong memory, but you can make the failed read happen at different speeds depending on the computation that gets blocked. I've read that chrome has nerfed its precision timer, reducing the accuracy from 5 usec to 20 usec.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)

My Photo


  • The Secretary disavows any knowledge of my actions.
  • The Gnomes of Zurich are not responsible for any content on this site.

Blogroll: 2012!

Blog powered by Typepad