really excited for every fucking game console getting hacked with that bug tho 👍
@amphetamine
switch: hacked
ps4: hacked
xbox 1: hacked
commodore 64: hacked
@wxcafe @amphetamine Hey, the 6510 doesn't do speculative execution, C64s are safe from the spectre/meltdown stuff
@troubleMoney @wxcafe @amphetamine does the z80 tho
@a_breakin_glass @wxcafe @amphetamine I'm fairly sure it doesn't
@troubleMoney @amphetamine they're still hacked tho :p
@wxcafe Lol now Nintendo isn’t the only one with browser vulnerabilities.
@lanodan_tmp they literally all use webkit with the same vulns tho. the PS4 was hacked that same way a few years ago. Nintendo actually took care to make sure you can't access arbitrary websites through the browser, it's just that a 3rd party vendor broke that
@lanodan_tmp but like webkit will always be hecked up
@wxcafe I don’t think so, it’s more like webkit ports being severely out-of-date. (We will get the same thing with Chromium based ones).
Also website blocking is ~stupid, I’m pretty sure things like bandcamp or soundcloud can be used to trigger soundhax or similar.
@lanodan_tmp they don't website block they just don't expose the browser except to display specific static documents without any links.
also up to date versions of webkit are broken too, we just don't know about it yet. It's such a large piece of software there's a lot of bugs in it, and it's pretty well looked at which means new ones are discovered pretty regularly
@wxcafe @lanodan_tmp The way you can get the switch browser to open other sites is sooo beautiful though
@wxcafe Damn, hadn't thought about that :o
@wxcafe homebrew for switches when
@a_breakin_glass well, that's another question
@a_breakin_glass @wxcafe Soon™
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8941.html
get on 3.0.0, stay on 3.0.0
@cdr @a_breakin_glass soon here meaning "as soon as people wanna start working on it" so
might take a while
@wxcafe I don't own one, but that's kind of an important prerequisite for consoles IMHO
@a_breakin_glass how is that a prerequisite? it's literally the end-game of hacking the console, so it can't be a *pre* requisite
@wxcafe I mean a prerequisite of me deciding to buy a console
@wxcafe a prerequisite for me getting a console, sorry
@elomatreb @a_breakin_glass yeah i was there lol
@wxcafe I know, I was sitting in the row behind you at the mastodon meetup :)
Was meant for @a_breakin_glass
@wxcafe hehe cell is immune
@bea but like who uses cell anymore
@wxcafe nobody of course it's just kinda funny
@bea running my next desktop on cell
@wxcafe Most consoles are AMD which doesn't really use speculative execution, so they will be more resistant to this. Alas!
@polychrome every CPU vendor is affected tho?
@wxcafe It depends on the bug. It's actually two of them: Meltdown is Intel only and is the worse one, letting you read kernel memory space. Spectre is cross-architecture and lets you read the memory of other user programs, but not the kernel.
With consoles you're most likely going to want to read the kernel memory space. You might still get some interesting things from other user space processes, but probably less so.
This is why I said "more resistant" rather than "safe" ;)
@polychrome oh yeah okay, I thought you meant something else
I mean, the switch for example is a microkernel, so you don't care about kernel memory at all, you just care about the privileged processes, which are in userspace.
idk about the ps4 and x1 but generally speaking by reading the memory of other processes on a console you're set. You can get a looot of stuff from userland daemons (like, idk, keys and stuff)
@wxcafe Haven't considered microkernels - that'll be interesting~
Sadly I am fairly confident the PS4 is monolithic. Not sure about the XBox.
@polychrome either way, you can still steal a lot of info from user processes, which are generally useful in embedded applications
@wxcafe I knew I kept my 486 for a reason.
@polychrome let's try and get the PS4 to run on that
@wxcafe omg amazing silver lining