Man, Ars' headline doesn't sugar-coat things:
“Meltdown” and “Spectre”: Every modern processor has unfixable security flaws https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern-processor-has-unfixable-security-flaws/
And for completeness here's Google's blog post: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html (h/t @netshade and others)
curious what happens next
actually, here's a real sign that something's ~ going on ~ https://octodon.social/media/rKAbOBJck-zEoIbfbP4
@schlink well this is existentially spooky
@schlink ruh roh
I wouldn't be surprised if the NSA has lost a powerful set of tools from their toolbox as a result of this.
Many computers will go unpatched, and these vulnerabilities will go *into* the toolboxes of pentesters and malware authors.
Motherboard has a nice explainer today: "The Clever Engineering Behind Intel's Chipocalypse"
but tbh this birdsite thread may be the clearest not-too-technical explanation of the flaw that I've seen https://twitter.com/FioraAeterna/status/948684092333158400
@schlink Notice that it's not «google» it's public research from university and a guy from google.