Login

***CentBrowser*** · 01-11-2018, 04:18 PM

(01-11-2018, 11:08 AM)David Wrote: I found a new problem, when I use the browser to watch Twitch live, there will be a certificate error, then when using Google Chrome does not appear this error

We can't reproduce this issue on our side, please check your extensions.(especially ad blocker)

***CentBrowser*** · 01-11-2018, 04:19 PM

(01-11-2018, 12:28 PM)reactor Wrote: http://xlab.tencent.com/special/spectre/...check.html

We already knew it.
You can change "chrome://flags/#shared-array-buffer" to "Disabled" to bypass the test.

reactor · 01-11-2018, 04:45 PM

(01-11-2018, 04:19 PM)CentBrowser Wrote: We already knew it.
You can change "chrome://flags/#shared-array-buffer" to "Disabled" to bypass the test.

This only would stop a Javascript based attack.

https://repl.it/repls/DeliriousGreenOxpecker
If you can read the letter "The Magic Words are Squeamish Ossifrage." it means that theorically any website can steal your complete browser session with a few javascript. You log into your bank account, then you visit a rogue website = your credentials are stolen.

The other bug, Spectre, involves two known attack strategies so far, and is far more difficult to patch. (And in fact, it may be impossible to defend against it entirely in the long term without updating hardware.)
https://www.wired.com/story/meltdown-and...ility-fix/

Sad

main user · 01-12-2018, 05:31 AM

When you plan to exit stably version 3.1...?

***CentBrowser*** · 01-12-2018, 05:08 PM

(01-12-2018, 05:31 AM)main user Wrote: When you plan to exit stably version 3.1...?

Maybe in three days.

karserasl · 01-15-2018, 06:10 PM

(01-11-2018, 04:45 PM)reactor Wrote: This only would stop a Javascript based attack.

https://repl.it/repls/DeliriousGreenOxpecker
If you can read the letter "The Magic Words are Squeamish Ossifrage." it means that theorically any website can steal your complete browser session with a few javascript. You log into your bank account, then you visit a rogue website = your credentials are stolen.

The other bug, Spectre, involves two known attack strategies so far, and is far more difficult to patch. (And in fact, it may be impossible to defend against it entirely in the long term without updating hardware.)
https://www.wired.com/story/meltdown-and...ility-fix/

Ok, first of all, that script running will just check if the LOCAL system is vulnerable. That means the server that is running the script is vulnerable.
If you want to check your PC, then download the code, compile it and run it on your system.

Second, we actually need a new update ASAP. https://xlab.tencent.com/special/spectre...check.html Confirms that Cent is vulnerable.

reactor · 01-16-2018, 07:33 AM

(01-15-2018, 06:10 PM)karserasl Wrote: Ok, first of all, that script running will just check if the LOCAL system is vulnerable. That means the server that is running the script is vulnerable.
If you want to check your PC, then download the code, compile it and run it on your system.

Second, we actually need a new update ASAP. https://xlab.tencent.com/special/spectre...check.html Confirms that Cent is vulnerable.

https://www.grc.com/inspectre.htm

vladbsid · 01-17-2018, 04:32 AM

When will the stable version 3.1.x.xx come out?

user_99 · 01-17-2018, 07:58 AM

(01-15-2018, 06:10 PM)karserasl Wrote: Ok, first of all, that script running will just check if the LOCAL system is vulnerable. That means the server that is running the script is vulnerable.
If you want to check your PC, then download the code, compile it and run it on your system.

Second, we actually need a new update ASAP. https://xlab.tencent.com/special/spectre...check.html Confirms that Cent is vulnerable.

With setting the flags this link show $ Your browser is NOT VULNERABLE to Spectre

AHMD · 01-17-2018, 11:39 AM

NEW VERSION
WHEN?
THANKS

Login
Username/Email:
Password:	Lost Password?
	Remember me