Re: [webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability

On Thu, Mar 18, 2021 at 12:26 AM Yoav Weiss via webkit-dev wrote: > > On Wed, Mar 17, 2021 at 5:51 PM Geoff Garen wrote: >> >> For the 100 microsecond value — our research suggests that you need a much >> higher value in vulnerable contexts. >> >> For the guaranteed isolated case — have you

Re: [webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability

On Wed, Mar 17, 2021 at 5:51 PM Geoff Garen wrote: > For the 100 microsecond value — our research suggests that you need a much > higher value in vulnerable contexts. > > For the guaranteed isolated case — have you considered the use of high > precision time to carry out non-Spectre timing

Re: [webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability

For the 100 microsecond value — our research suggests that you need a much higher value in vulnerable contexts. For the guaranteed isolated case — have you considered the use of high precision time to carry out non-Spectre timing attacks? Thanks, Geoff > On Mar 17, 2021, at 3:38 AM, Yoav

[webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability

Hey folks, We recently changed the HR-time spec to better align its resolution clamping with cross-origin isolated capability