[HN Gopher] Apple's Safari browser is still vulnerable to Spectr...
       ___________________________________________________________________
        
       Apple's Safari browser is still vulnerable to Spectre attacks
        
       Author : sizzle
       Score  : 60 points
       Date   : 2023-10-30 21:15 UTC (1 hours ago)
        
 (HTM) web link (news.rub.de)
 (TXT) w3m dump (news.rub.de)
        
       | taspeotis wrote:
       | What is this, Hacker Olds?
       | 
       | https://news.ycombinator.com/item?id=38015277
        
       | Angostura wrote:
       | Hmmm, the article points to the iLeakage page:
       | 
       | On this page, under the 'mitigations' section, it says:
       | 
       | > At the time of public release, Apple has implemented a
       | mitigation for iLeakage in Safari. However, this mitigation is
       | not enabled by default, and enabling it is possible only on
       | macOS. Furthermore, it is marked as unstable.
       | 
       | This is the 'Swap Processes on Cross-Site Window'.
       | 
       | I've just checked and on Sonoma, this flag is marked as Stable -
       | and is activated by default.
       | 
       | It is also turned on by default on iOS 17.1.
       | 
       | Obviously, I don't know when this arrived, but it seems to me
       | that the mitigation has already been rolled out.
       | 
       | Disclaimer: It is _possible_ that I previously enabled this
       | feature flag on my Mac and Phone and I forgot, but I don't think
       | so. It is also activated in the Guest User Safari settings and that
       | is recreated as a clean account each time.
        
         | mrtesthah wrote:
         | "Swap Processes on Cross-Site Navigation" is enabled by default
         | in Safari 17.1 on macOS Ventura 13.6.1. Is that the same
         | feature flag?
        
           | Me1000 wrote:
           | No, they are different flags:
           | https://github.com/WebKit/WebKit/blob/74f89d607e2abbf27a8cd1...
        
         | Me1000 wrote:
         | Cross origin navigation will do a process swap, but cross
         | origin window.open()s will not. They are different flags: the
         | former is on by default, the latter is not:
         | https://github.com/WebKit/WebKit/blob/74f89d607e2abbf27a8cd1...
        
       | ArchOversight wrote:
       | Trying the mitigations, it fails:
       | 
       |     % defaults write com.apple.Safari IncludeInternalDebugMenu 1
       |     2023-10-30 16:25:46.182 defaults[71906:4790936] Could not write domain /Users/poppopret/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari; exiting
       | 
       | Does this require disabling SIP?
        
       ___________________________________________________________________
       (page generated 2023-10-30 23:01 UTC)