[Arm-netbook] Meltdown and Spectre

Hendrik Boom hendrik at topoi.pooq.com
Fri Jan 5 01:18:21 GMT 2018

On Thu, Jan 04, 2018 at 06:13:45PM -0500, Adam Van Ymeren wrote:
> Louis Pearson <desttinghimgame at gmail.com> writes:
> > Has anybody else seen the recently published exploits Meltdown and Spectre?
> > Here's a link: https://meltdownattack.com/
> The thing about Meltdown/Spectre is that they're really only problems if
> you rely on sandboxing to run untrusted code.

It doesn't care whether you sandbox.  It makes a privilege escalation 
possible.  If untrustworthy code runs with few privileges, it can 
exfiltrate enough information to accomplish a privilege escalation.  The 
point of mentioneing the sandbox is simply that the sandbox doesn't 

Of courses it doesn't matter if you trust the code.  It matters if it is 

-- hendrik

More information about the arm-netbook mailing list