New NetSpectre Attack Can Steal CPU Secrets via Network Connections

Scientists published a paper Friday detailing a new Spectre-class CPU attack that can be carried out via network connections and does not require the attacker to host code on a targeted machine. From a report: This new attack --codenamed NetSpectre -- is a major evolution for Spectre attacks, which until now have required the attacker to trick a victim into downloading and running malicious code on his machine, or at least accessing a website that runs malicious JavaScript in the user's browser. But with NetSpectre, an attacker can simply bombard a computer's network ports and achieve the same results. Although the attack is innovative, NetSpectre also has its downsides (or positive side, depending on what part of the academics/users barricade you are). The biggest is the attack's woefully slow exfiltration speed, which is 15 bits/hour for attacks carried out via a network connection and targeting data stored in the CPU's cache.

Correcting myself - not random data

[raymorris]

> even if only random data now. someone will figure out how to get specific data.

They will and they did, it seems. I just read more about it.
The basic attack would be ~random data, but people have combined it with other very clever ideas to be able to target certain memory locations.

In those cases in which they can access memory through the kernel, such as the networking portion of the kernel, address randomization is bypassed.