> I’m very very sorry, that you think I’m NOT understanding „Specter" and > what this shows. - I understand this very well! ;) > > *FOR YOU:* > *====== > * > PLEASE look at the possibilities of the new *version 57.0.4 of Firefox*. > *With this special created release (of this browser) you can PATCH the > Microcode* *AGAINST Specter Let me stop you right there. This is simply not true at all. If you would have read up on what exactly they changed in 57.0.4 of Firefox to mitigate the Meltdown and Spectre attacks you might have seen that they simply changed the resolution of the timing source you can get via the javascript function performance.now() to be 20 µs.
Since both Meltdown and Spectre rely on having accurate high resolution timing information available to the process running the attack, this effectively leads to those attacks no longer working from within Firefox. This has absolutely NOTHING whatsoever to do with microcode patching, and so is absolutely irrelevant. > But in this case (Spectre) just a "bad website" can be used to reed data from > other areas. This is possible because of some side-effect the current > Microcode has. If we can FIX that with the special version (57.0.4) of > Firefox, a hacker can change it back again with an other program and no one > knows! - After this he just need a "bad website" to get datas AGAIN. This also fundamentally shows that you have not understood how microcode updates work. You can't just "change it back" as microcode updates only work in one direction, that is "the update applied needs to be newer than the one already applied", the update revision is included in the cryptographic signature of the microcode update. So you cannot just apply old updates on top of new ones.
