The Spy in the Sandbox: Practical Cache Attacks in JavaScript (arxiv.org)
85 points by aaron695 on March 18, 2015 | 4 comments



From reading this paper, this appears to allow you to guess what a computer is doing by determining which memory regions are actively in use by making use of the high precision timer.

By training it on something like network or mouse pointer data, you can determine whether a user or network is active based on cache activity patterns. You can't resolve much else other than this high-level view of which segments are in use, but they've been pretty creative figuring out what this can tell you.

It's possible that this could be used as another method to fingerprint Tor users, or confirm that a given Tor user corresponds to a given insecure user.
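A small Node.js model of why the timer matters, added here as an example and not taken from the paper or any commenter: constructed cache hit/miss latencies are observed through a clock floored to a chosen resolution and classified with a fixed threshold, so one can see the classifier go from near-perfect at nanosecond resolution to chance once the clock grid is far coarser than the hit/miss gap, which is the coarsening browsers later applied to performance.now(). The latency values, threshold and resolutions are assumptions chosen for illustration.

```javascript
// Deterministic PRNG (mulberry32) so the simulation is reproducible.
function mulberry32(seed) {
  return function () {
    seed = (seed + 0x6d2b79f5) | 0;
    let t = Math.imul(seed ^ (seed >>> 15), 1 | seed);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Model of a coarsened clock: a timestamp in ns is floored to `resolutionNs`.
function coarsen(ns, resolutionNs) {
  return Math.floor(ns / resolutionNs) * resolutionNs;
}

// Constructed latencies (assumed values): hits around 40 ns, misses around 200 ns.
function sampleLatencies(n, rand) {
  const samples = [];
  for (let i = 0; i < n; i++) {
    const hit = rand() < 0.5;
    const base = hit ? 40 : 200;
    samples.push({ hit, ns: base + Math.floor(rand() * 20) });
  }
  return samples;
}

// A probe reads the clock before and after one access and calls anything under
// 120 ns a hit. Returns the fraction of samples classified correctly when the
// clock has the given resolution; the probe starts at a random phase of the grid.
function classifierAccuracy(samples, resolutionNs, rand) {
  let correct = 0;
  for (const s of samples) {
    const start = rand() * resolutionNs;
    const delta = coarsen(start + s.ns, resolutionNs) - coarsen(start, resolutionNs);
    const guessHit = delta < 120;
    if (guessHit === s.hit) correct++;
  }
  return correct / samples.length;
}

// Accuracy at several clock resolutions, from a 1 ns clock to a 5 us one.
function runDemo(seed = 1) {
  const rand = mulberry32(seed);
  const samples = sampleLatencies(2000, rand);
  const result = {};
  for (const res of [1, 100, 1000, 5000]) {
    result[res] = classifierAccuracy(samples, res, rand);
  }
  return result;
}

console.log(runDemo());
```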


This paper is really more about the fact that basically everyone is automatically vulnerable to this attack. It doesn't really address the applications, but:

> [..] the attacker must now correlate the cache sets he has profiled to data or code locations belonging to the victim. This learning/classification problem was addressed earlier by Zhang et al. in [25] and by Yarom et al. in [23], where various machine learning methods such as SVM were used to derive meaning from the output of cache latency measurements.


It can probably also be put to less nefarious uses. Here's one that comes to mind for a web based chat client: You can use it to detect if a user is currently at his/her desktop or away. Unless the chat window is the current active window, I think this would be hard/impossible to do otherwise.


This is why people use NoScript. Not that we're Luddites, but rather arbitrary scripts mean arbitrary vulnerabilities that are automatically exploitable.

It's not that we don't want to see your cool new site built in Angular 2.0, but rather the principle of least privilege[0] is even more relevant with respect to the web.

People wouldn't think you're crazy for leaving Java applets off by default (even when they were popular), and it's an ad populum fallacy to say that just because everyone uses JavaScript you should trade your own personal security so that developers can use AJAX instead of a form POST.

[0] https://en.wikipedia.org/wiki/Principle_of_least_privilege



