Re: Just kill ALL code in a browser.
"Yeah, that'll stop anyone exploiting cpu flaws."
Umm, yeah, actually it might. You see, none of these flaws are remotely accessible. They all require the attacker to actually run code on the target computer. Traditionally, the way around this annoying limitation is to persuade everyone that it is safe to run arbitrary third-party (untrusted) code in a browser because the browser's sandbox will protect the machine. We now find that this ain't necessarily so. Solution: stop running untrusted code in your browser (or anywhere else).