Spectre can be exploited in just JavaScript.
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

Browsers are making changes to mitigate this.

http://www.tomshardware.com/news/meltdown-spectre-exploit-browser-javascript,36221.html

The actual extent of the attack that is realistically possible in this scenario, I do not know. But as stated in the article, Google suggests:

"Where possible, prevent cookies from entering the renderer process' memory by using the SameSite and HTTPOnly cookie attributes, and by avoiding reading from document.cookie."

I would take that to mean that cookies could be accessed, at the least.

On Thu, Jan 4, 2018 at 12:16 PM, Stas Malyshev <[email protected]> wrote:

> Hi!
>
> > So far so good. What I am wondering is whether that password reset trial is
> > actually even more dangerous now given Spectre / Meltdown?
>
> I think for those you need local code execution access? In which case,
> if somebody gained one on MW servers, they could just change your
> password I think. Spectre/Meltdown from what I read are local privilege
> escalation attacks (local user -> root or local user -> another local
> user) but I haven't heard anything about crossing the server access
> barrier.
>
> > (I probably should set up 2FA right now. Have been too lazy so far)
>
> Might be a good idea anyway :)
>
> --
> Stas Malyshev
> [email protected]

_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
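
The cookie recommendation quoted in the message above can be checked against what a server actually sends. The following is an added example, not part of the original thread or of any project's code: it parses `Set-Cookie` header values and reports cookies that lack `HttpOnly` or a restrictive `SameSite` value. The function names and the sample cookies are assumptions made for illustration.

```javascript
// Added example: audit Set-Cookie values for the HttpOnly and SameSite attributes.
// auditSetCookie / auditResponse are hypothetical helper names.
function auditSetCookie(headerValue) {
  const parts = headerValue.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  const name = eq === -1 ? first : first.slice(0, eq).trim();

  // Attribute names are matched case-insensitively; a repeated attribute
  // overwrites the earlier one in this map.
  const attrs = new Map();
  for (const part of parts) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? "" : part.slice(i + 1).trim());
  }

  const httpOnly = attrs.has("httponly");
  const sameSite = (attrs.get("samesite") || "").toLowerCase();
  const findings = [];
  if (!httpOnly) {
    findings.push("no HttpOnly: cookie is readable through document.cookie");
  }
  if (sameSite !== "strict" && sameSite !== "lax") {
    findings.push("SameSite is not Strict or Lax: cookie is sent on cross-site requests");
  }
  return { name, httpOnly, sameSite: sameSite || null, findings };
}

// Returns only the cookies that have at least one finding.
function auditResponse(setCookieValues) {
  return setCookieValues.map(auditSetCookie).filter((r) => r.findings.length > 0);
}

// Constructed sample headers, not taken from any real site.
const SAMPLE_HEADERS = [
  "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
  "token=xyz789; Path=/; Secure",
  "prefs=dark; path=/; httponly; samesite=None; Secure",
];

for (const r of auditResponse(SAMPLE_HEADERS)) {
  console.log(`${r.name}: ${r.findings.join("; ")}`);
}
```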
