[olliej]

It appears to be an attack specifically on the retpoline approach the Linux used to prevent the original specter attacks. Given it appears that Linux is the only OS that took that approach they’re the only one vulnerable? (The article explicitly calls out Linus ignoring warnings about this possibility)

[staticassertion]

Someone should create an index of "Linus said this attack was impractical/ unimportant". I can think of a number of great examples off the top of my head.

[gpderetta]

Linux claimed it was not practical. Is this attack actually practical? Are 200-3kb/s sufficient for a realistic attack?

[holycrapwhodat]

> Are 200-3kb/s sufficient for a realistic attack?

Yes.

[pishpash]

First dialup connections were 1200bps. Earlier adhoc connections were lower.

[marshray]

So how many seconds would it take to leak your password at that rate?

[olliej]

Per the article 5-7 minutes for the root hash on the effected AMD systems?

I'm guessing that's also not doing any kind of actual targeted traversal because if you can just do a heap walk you don't need anywhere near that amount of data.