NetSpectre, The New Vector
Meanwhile, in Spectre (PDF) news, comes word from Ars Technica's Peter Bright, of a newly discovered attack vector (PDF) (dubbed NetSpectre) using the pernicious speculative-execution in-built microcode from the Minds of Intel Corporation. Now - and this is truly lovely - the vectors' not local, but external and free from the constraints of local environs (perhaps endpoint security, etc) and is consequently a more pernicious network-resident information operation. Thanks Intel You're Swell!
"That impact is now a little larger. Researchers from Graz University of Technology, including one of the original Meltdown discoverers, Daniel Gruss, have described NetSpectre: a fully remote attack based on Spectre. With NetSpectre, an attacker can remotely read the memory of a victim system without running any code on that system." - via Peter Bright,, whilst writing at Ars Technica