Meltdown and Spectre security vulnerabilities

Sounds like a buddy movie for cheesy anime villains, doesn’t it?

Ugh. Melty cheesy pun not intended, sorry about that.

ANYHOW, please do update your browser on your desktop/laptop/mobile device. The timing attack requires precise time info, which is mostly blocked by changes in browsers in the latest version.  This is very important; while Spectre exploits are not found in the wild yet, you really don’t want malicious Javascript in a rogue web page inspecting *all your other processes for passwords*.

So patch, please.  See my running twitter feed e.g. 

To see the whole stream, do:

For those of us who also run servers, the problem is much more extensive. In particular, I worry about containerized apps where the host is shared between tenants.  

The security escalation game continues…