by grub5000 3016 days ago
First hit for googling "Spectre Javascript POC": https://github.com/ascendr/spectre-chrome

> Enable `#shared-array-buffer` in `chrome:///flags` under your own risk...
SharedArrayBuffer was disabled exactly because vulnerabilities like this are easily exploitable (but there are POCs that don't depend on it).
It was only disabled as a mitigation to these specific attacks, in case you thought it was an experimental or “at your own risk” type of thing.
Disabling SharedArrayBuffer is just stopping the most obvious method of exploitation; it's by no means a fix. Expect a slew of papers over the next few years on other methods of exploitation from JS.
Every single browser had to disable that feature because of those flaws.
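An added example in JavaScript, not code from the thread or from the linked repository: browsers later re-exposed SharedArrayBuffer only to pages that are cross-origin isolated, so a practical defender's check is whether a response carries the Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy values that grant that isolation. The header sets below are constructed samples; the function and variable names are mine.

```javascript
// Lower-case header names and values so the check is case-insensitive,
// as HTTP header handling is.
function normalizeHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = String(value).trim().toLowerCase();
  }
  return out;
}

// Report whether a response's headers establish cross-origin isolation.
// Per the HTML spec, that needs COOP "same-origin" (note: "same-origin-allow-popups"
// is NOT enough) and COEP "require-corp" or "credentialless".
function crossOriginIsolationStatus(headers) {
  const h = normalizeHeaders(headers);
  const coop = h['cross-origin-opener-policy'];
  const coep = h['cross-origin-embedder-policy'];
  const problems = [];
  if (coop !== 'same-origin') {
    problems.push(`Cross-Origin-Opener-Policy must be "same-origin" (got ${coop ?? 'none'})`);
  }
  if (coep !== 'require-corp' && coep !== 'credentialless') {
    problems.push(`Cross-Origin-Embedder-Policy must be "require-corp" or "credentialless" (got ${coep ?? 'none'})`);
  }
  return { isolated: problems.length === 0, problems };
}

// Runtime equivalent inside a browser: the page's own `crossOriginIsolated`
// flag. SharedArrayBuffer is only exposed when it is true; `globalObj` is a
// parameter so the check can be exercised outside a browser.
function sabAvailable(globalObj = globalThis) {
  return Boolean(globalObj.crossOriginIsolated) &&
    typeof globalObj.SharedArrayBuffer === 'function';
}

// Constructed sample responses, not captured from any real site.
const SAMPLE_RESPONSES = {
  isolated: { 'Cross-Origin-Opener-Policy': 'same-origin',
              'Cross-Origin-Embedder-Policy': 'require-corp' },
  popupsOnly: { 'Cross-Origin-Opener-Policy': 'same-origin-allow-popups',
                'Cross-Origin-Embedder-Policy': 'require-corp' },
  noHeaders: { 'Content-Type': 'text/html' },
};

function isolationReport() {
  const report = {};
  for (const [label, headers] of Object.entries(SAMPLE_RESPONSES)) {
    report[label] = crossOriginIsolationStatus(headers);
  }
  return report;
}
```

Running `isolationReport()` shows only the `isolated` sample qualifying; the other two would get no SharedArrayBuffer in a modern browser.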