topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 12:52 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: How a researcher hacked his own computer and found 'worst' chip flaw  (Read 18179 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member

A serious and hard-to-fix bug was recently found on most instal cpu chips manufactured since 1995.  It's causing a huge disruption on the web affecting most of the servers running the internet..

FRANKFURT (Reuters) - Daniel Gruss didn’t sleep much the night he hacked his own computer and exposed a flaw in most of the chips made in the past two decades by hardware giant Intel Corp (INTC.O)...
The flaw, now named Meltdown, was revealed on Wednesday and affects most processors manufactured by Intel since 1995.

Separately, a second defect called Spectre has been found that also exposes core memory in most computers and mobile devices running on chips made by Intel, Advanced Micro Devices (AMD) (AMD.O) and ARM Holdings, a unit of Japan’s Softbank (9984.T).

Both would enable a hacker to access secret passwords or photos from desktops, laptops, cloud servers or smartphones. It’s not known whether criminals have been able to carry out such attacks as neither Meltdown nor Spectre leave any traces in log files.



See:

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #1 on: January 05, 2018, 09:52 AM »
@mouser: Thanks for posting this news item from the always-reliable Reuters news. I don't know what to make of it. I had already read similar, elsewhere, as the Internet seems to have gone crazy over "Meltdown" and "Spectre" (such dramatic and scary names!) these last couple of days. They are a "thing", it seems, and may be potentially even worse and more imminently threatening as a national security risk than Climate Change™, or something. Anyway, we must act - and now! There's no debate about that, except perhaps from the usual pointy-headed tinfoil-cap-wearing conspiracy theorists whom we all spurn as less than human - and rightly so.

A report and video interview from the always-reliable CNN investigative reporting team mentions:
  • that the flaws affect "...billions of computers and smartphones" (Oh no!),
  • that "Meltdown" (sounds a bit overheated to me) affects only (all/most) Intel processors(!), whereas,
  • "Spectre" (sounds like code for a sorta James-Bondi ghostly Russian spy system to me) "...exists in almost every computer system" (which sounds scarily pretty comprehensive),
  • that "Intel CEO Brian Krzanich sold about half his stock months after he learned about critical flaws in billions of his company's microchips.", which carried the implicit suggestion that the flaw(s) were deemed to be serious enough for the CEO to risk potentially breaching insider trading regulations constraining the sale of Intel stock - so thus, obviously the flaw(s) are real and serious and need to be remedied ASAP.   :tellme:
  • that these hardware/firmware design vulnerabilities have apparently been known about/discussed for years as being potentially exploitable, and were a known result (trade-off) of chip hardware designers working towards maximising optimum throughput - the implication being that to "fix" them now could necessarily reduce throughput and slow down all our PCS/smartphones. (Mightt we not all need to buy new, non-vulnerable CPUs?)   :tellme:

Oh dear, what a pity, never mind.

The spin seems to be based on a supposition that these are hardware/firmware vulnerabilities/flaws, or something, that were not previously known about (which would seem to not be true), whereas what we can deduce seems to be that this is the first time that some details of these vulnerabilities have been published (I think that, at least could be true).

In the Reuters report you quoted, "Daniel Gruss" (not sure whether that is a real person) is the name assigned to the "discovery" of the "Meltdown" flaw, whereas we are only told - somewhat ambiguously - that "Separately, a second defect called Spectre has been found".
What? Simultaneously? Coincidentally? Just like that?    :tellme:
Woooow, scary; must download the fix ASAP before the bogeyman looks into my laptop/smartphone/raspberry Pi firmware with "X-ray vision" (Yep, that's what it was called.). Then I shall feel safer.

Yeah, right.

The parallel report that the Intel CEO apparently had the audacity to risk potentially flouting insider trading rules and sell off his max limit of stock at a good price before the flaw(s) were published (Shock! Horror! Who would do such a thing! Capitalist scum!) is really interesting. Apparently (per CNN), Intel stock had already dropped 6% on the "bad news" about the chips, or something, so Brian Krzanich could now redeem himself by buying his stock back at a hefty discount, even increasing his stockholding at no extra cost - if he wished. Ahh, serendipity. Bet there wasn't a 99% chance that that price drop wouldn't happen, eh?

Colour me highly skeptical - especially given the history/experience/example(s) I coincidentally referred to in the recent post here:
Unfortunately, history also shows that it generally doesn't seem to make a blind bit of difference whether corporations exhort their personnel to conform to avoidance of this or that unethical or illegal practice or "behaviours", because people (usually senior managers and executives) will attempt to do their damnedest to work around such "ethical" constraints where they see a potential pot of gold, or a savings, or a marketing advantage can be had.

Of course, Microsoft, Intel, AMD, et al are presumably assiduously working collaboratively day and night now, even as I write this, and probably after I have gone to sleep for the night (though I am a bit of an insomniac), to push out a broad "fix" to these terrifying flaws. The last thing we want is people "peeking at our passwords" or, maybe worse, even "looking at what tabs we had open in our browsers". Oh, the horror! It was bad enough when Snowden blew the whistle on the NSA spying. Oh, but wait...     :o

Which rather begs the question as to whether these apparently long-known vulnerabilities (QED) and flaws were not already being (relatively) "harmlessly" exploited by (say) the NSA or other state agencies/organisations, or whether the comprehensive world-wide "fixing" of CPU hardware/firmware is actually necessary, and whether the reality of the "fix" might not be worse than the reality of the supposed vulnerabilities, introducing (say) new backdoors where there were none before... How would we know for sure?    :tellme:
But I suspect that there may not be any consumer option there. It currently rather seems that we WILL get the fix via a remorseless push, and whether we want it or not, and it may have already started.
Ordinarily, I would say that "Doctor knows best.", but - post-Snowdengate -  I'm none too sanguine about these IT medicos and their "You can trust us to do no evil!" (or similar) approach...   I mean, it's not like they have taken the Hippocratic Oath, or something - is it?    :tellme:

I couldn't help thinking that this all seemed to be déjà vu for some reason, and then I recalled the Halcyon days of the Y2K con trick work that I and thousands of others helped to perpetrate carry out, exploiting gullible helping clients who bought into our consultancies' hugely lucrative Y2K risk mitigation proposals. The poor wee darlings couldn't sleep at night for worrying that the sky was falling down - and it was! Yes! It really was! - because all their CPU-controlled systems, including in computer-rooms, elevators, calculators, PC workstations and distributed 3-tier LANs and databases, aircraft control systems, telephone exchanges, etc. were all at risk - very real risk - of stopping dead on the turn of the year 2000. Aircraft would literally fall out of the skies, elevator brakes in tall buildings would come OFF automatically sending the lift and its occupants hurtling to certain destruction below, banks and payment systems would collapse as their systems stopped, food and water would be in short supply due to the banking system collapse and store checkouts not operating, balance sheets would evaporate, huge losses would be incurred, etc..  Oh, the horror!

Well, we put their little minds at rest, so they could sleep peacefully, secure in the knowledge that we had put mitigation plans in place and mitigated the risks for them, the poor dears. So they slept on soundly, whilst we tiptoed off into the sunset of the first day of 2000, laughing all the way to the bank, secure in the knowledge that the suckers clients were convinced that we had delivered them a good service.
Ah, those were the days, eh?    :Thmbsup:
Reminiscing now...
It would be nice if we could catch another gravy train like that...   Oh, but wait...    :o
...looks like the MSM (MainStream Media) may have already climbed aboard. A quick survey seems to show pretty consistent reporting (almost word-for-word) of the narrative coming from all/most "news" sources, with little real variation and no apparent evidence of critical investigative journalism. Speaking as the ex-Principle Marketing Consultant for the AP region, to what was apparently the third-largest IT corporation on the planet at the time, and where my specialism was strategic marketing communications planning (and in which I was regarded as being pretty capable), the MSM chatter on this Meltdown-gate and Spectre-gate (my terms, for want of a better terminology) would seem to have all the markings of a well-orchestrated and well-synchronised public communications launch. Not a bad job at all.
Respect!   :Thmbsup:
« Last Edit: January 07, 2018, 05:59 AM by IainB, Reason: Correction to typo. »

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #2 on: January 05, 2018, 12:14 PM »
Interesting:
"Best explainer yet for Meltdown and Spectre"
Refer <https://www.askwoody.com/2018/best-explainer-yet-for-meltdown-and-spectre/>
- and link to <https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/>

There are 2 .PDF (academic) papers (Meltdown.pdf and Spectre.pdf) downloadable from the latter link, which seem quite illuminating, sometimes in what they do not say. It seems the researchers may have been working on identifying the type and extent of these vulnerabilities since 2016, at least.
There is evidence of co-ordination between the parties involved, so it seems that someone is co-ordinating this business, but quite who they are or the mechanism of how they are doing it, or for how long they have been doing it (and why) is not immediately apparent.

KynloStephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 3,741
    • View Profile
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #3 on: January 05, 2018, 02:09 PM »
https://meltdownattack.com/

Meltdown and Spectre
Bugs in modern computers leak passwords and sensitive data.


Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.


Link also contains technical papers on both Meltdown and Spectre

~Stephen

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #4 on: January 06, 2018, 01:14 PM »
Nice calm summary in plain language:

https://www.networkw...through-the-fud.html

"To date there are no known uses of the exploits in the wild. And it’s not as easy to deliver a payload to a machine to use these exploits, as it is with more common malware that’s sent via an email or errant application download... While these new exploits are troublesome, as are all potential security risks, users and organizations affected should not panic. Many of the fixes are already being implemented as software/firmware upgrades and should mitigate the vast majority of any potential exploitation."

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #5 on: January 07, 2018, 01:46 AM »
^^ Good link. Thanks. And the author is right - it is FUD, and generally, wherever one finds FUD, one will usually find an accompanying $commercial and/or a political motivation, if not simply an "ulterior" motive.

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #6 on: January 07, 2018, 04:01 AM »
Regardless of the FUD, I think the technique is fascinating.  From the little I understand, the attack uses instructions that access inaccessible memory, but the instructions are "never executed" so they don't cause the program to crash. However the processor does "speculatively execute" the instructions so they affect the cache. And by observing the cache behavior the attacker can determine the contents of memory that the program is not permitted to access.

Amazing.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #7 on: January 07, 2018, 04:49 AM »
@mwb1100:
Yes. Method is described per links in my comment above:
From <https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/>
   1. The meltdown paper: <https://meltdownattack.com/meltdown.pdf>
   2. The spectre paper: <https://spectreattack.com/spectre.pdf>

By the way, "FUD" in the context that I was using it, refers to:
"Fear, uncertainty and doubt, known as the FUD concept, was coined in the 1970s by computer architect Gene Amdahl when he left IBM to start his own company. Amdahl later accused the prominent technology corporation of using FUD tactics to scare consumers into sticking with "safe" IBM products instead of purchasing competitors' products."
 - <https://www.thefreelibrary.com/Effective+decision-making%3A+managing+fear%2C+uncertainty+and+doubt%3A+...-a0278509274>

Similarly, sales of Y2K "risk mitigation" projects were arguably - and from experience - largely reliant on FUD. As a species, we seem to be gullible and susceptible to FUD, as the folk tale of Henny Penny so adroitly displays. Most scams have the precursors of FUD and/or Greed, where the Fear component is typically the fear of an imaginary potential risk/loss - an irrational illusion - that takes on the nature of a concrete and incontrovertible reality in the victim's paradigms.
(See also "the precautionary principle" and "the improbability drive".)
« Last Edit: January 07, 2018, 05:39 AM by IainB »

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Aannd...it's started:
Disable Meltdown Fix on AMD CPUs After Installing KB4056892
The Meltdown vulnerability and AMD CPUs
AMD CPUs are not affected by the Meltdown vulnerability. However, depending on the usage scenario, the fixes released to the operating system can cause notable performance slow down. Also, there are reports coming from AMD CPU users that the Windows patch, KB4056892 is causing serious issues for them.

While one can quickly uninstall the appropriate update package, which is KB4056892, there is also a Registry tweak you can apply to disable the Meltdown fix.

This could improve your computer's performance.

Copied from: Disable Meltdown Fix on AMD CPUs After Installing KB4056892 - <https://winaero.com/blog/disable-meltdown-fix-amd-cpus-installing-kb4056892/>

That was quick, but not unexpected.
« Last Edit: January 08, 2018, 01:25 PM by IainB »

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Meltdown + Spectre - Malwarebytes update notes.
« Reply #9 on: January 08, 2018, 11:48 AM »
MBAM has some useful comment (and about the performance hit):
(Copied below sans embedded hyperlinks/images.)
Meltdown and Spectre: what you need to know
https://blog.malware...at-you-need-to-know/

tags: Security world, AMD, ARM, Intel, Meltdown, memory, processor, Spectre
Malwarebytes Labs
UPDATE (as of 1/04/18): Since the Malwarebytes Database Update 1.0.3624, all Malwarebytes users are able to receive the Microsoft patch to mitigate Meltdown.

Overview
If you’ve been keeping up with computer news over the last few days, you might have heard about Meltdown and Spectre, and you might be wondering what they are and what they can do. Basically, Meltdown and Spectre are the names for multiple new vulnerabilities discovered and reported for numerous processors. Meltdown is a vulnerability for Intel processors while Spectre can be used to attack nearly all processor types.

The potential danger of an attack using these vulnerabilities includes being able to read “secured” memory belonging to a process. This can do things like reveal personally identifiable information, banking information, and of course usernames and passwords. For Meltdown, an actual malicious process needs to be running on the system to interact, while Spectre can be launched from the browser using a script.

Microsoft, Google, Mozilla, and other vendors have been releasing patches all day to help protect users from this vulnerability. Some of the updates from Microsoft may negatively interact with certain antivirus solutions. However, Malwarebytes is completely compatible with our latest database update. The best thing to do to protect yourself is to update your browsers and your operating system with these patches as soon as you see an update available.

For a quick guide on how to protect yourself from this threat, please check out “Meltdown and Spectre Vulnerabilities – what you should do to protect your computer” on the Malwarebytes support knowledge base.

Details
The Google Project Zero team, in collaboration with other academic researchers, has published information about three variants of a hardware bug with important ramifications. These variants—branch target injection (CVE-2017-5715), bounds check bypass (CVE-2017-5753), and rogue data cache load (CVE-2017-5754)—affect all modern processors.

If you’re wondering if you could be impacted, the answer is most certainly yes.

The vulnerabilities, named Meltdown and Spectre, are particularly nasty, since they take place at a low level on the system, which makes them hard to find and hard to fix.

Modern computer architecture isolates user applications and the operating system, which helps to prevent unauthorized reading or writing to the system’s memory. Similarly, this design prevents programs from accessing memory used by other programs. What Meltdown and Spectre do is bypass those security measures, therefore opening countless possibilities for exploitation.

The core issue stems from a design flaw that allows attackers access to memory contents from any device, be it desktop, smart phone, or cloud server, exposing passwords and other sensitive data. The flaw in question is tied to what is called speculative execution, which happens when a processor guesses the next operations to perform based on previously cached iterations.

The Meltdown variant only impacts Intel CPUs, whereas the second set of Spectre variants impacts all vendors of CPUs with support of speculative execution. This includes most CPUs produced during the last 15 years from Intel, AMD, ARM, and IBM.

It is not known whether threat actors are currently using these bugs. Although due to their implementation, it might be impossible to find out, as confirmed by the vulnerability researchers:

Can I detect if someone has exploited Meltdown or Spectre against me?
Probably not. The exploitation does not leave any traces in traditional log files.

While there are no attacks reported in the wild as of yet, several Proof of Concepts have been made available, including this video that shows a memory extraction (using a non-disclosed POC). This is particularly damaging because 1. There aren’t many options for protection currently and 2. as previously stated, even if threat actors do spring to action, it might be impossible to verify if that’s the case.

Mitigations
Because the Meltdown and Spectre variants are hardware vulnerabilities, deploying security programs or adopting safer surfing habits will do little to protect against potential attack. However, a patch for the Meltdown variant has already been rolled out on Linux, macOS, and all supported versions of Windows.

According to our telemetry, most Malwarebytes users are already able to receive the latest Microsoft update. However, we are working to ensure that our entire user base has access to the patch.

Unfortunately, Microsoft’s fix comes with significant impact on performance, although estimates of how much vary greatly. An advisory from Microsoft recommends users to:

Keep computers up to date.
Install the applicable firmware update provided by OEM device manufacturers.
If you are having issues getting the Windows update, please refer to this article, as Microsoft has stated some possible incompatibility issues with certain security software.

No software patch for Spectre is available at the time of this article. Partial hardening and mitigations are being worked on, but they are unlikely to be published soon.

The Spectre bug can be exploited via JavaScript and WebAssembly, which makes it even more critical. It is therefore recommended to apply some countermeasures such as Site Isolation in Chrome. Mozilla is rolling out a Firefox patch to mitigate the issue while working on a long-term solution. Microsoft is taking similar action for Edge and Internet Explorer.

Cloud providers (Amazon, Online.net, DigitalOcean) also rushed to issue emergency notifications to their customers for upcoming downtimes in order to prevent situations where code from the hypervisor could be leaked from a virtual machine, for example.

The aftermath from these bugs is far from being completely understood, so please check back on this blog for further updates.

Vendor advisories:

Intel: https://newsroom.int...y-research-findings/
AMD: http://www.amd.com/e...peculative-execution
ARM: https://developer.ar...port/security-update
The post Meltdown and Spectre: what you need to know appeared first on Malwarebytes Labs.

Copied from: bq | Malwarebytes Unpacked - <https://blog.malwarebytes.com/security-world/2018/01/meltdown-and-spectre-what-you-need-to-know/>

Arizona Hot

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 3,181
    • View Profile
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #10 on: January 08, 2018, 08:14 PM »
Apple releases new security update to protect Safari against the Spectre attack.jpgHow a researcher hacked his own computer and found 'worst' chip flaw

Apple releases new security update to protect Safari against the Spectre attack


IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #11 on: January 10, 2018, 12:44 AM »
I had to laugh at this post on AskWoody:
Risk Based Security brings some sanity to the Meltdown debacle
Posted on January 9th, 2018 at 15:52 woody Comment on the AskWoody Lounge

I just finished reading this article, recommended by Kevin Beaumont. The Slow Burn of Meltdown and Spectre: Exploits, Lawsuits, and Perspective.

Here’s the conclusion:

Vulnerabilities are disclosed every day, to the tune of over 20,000 new disclosures in 2017 alone. Just because a vulnerability receives a name, a website, and/or a marketing campaign does not necessarily mean it is high risk or that it will impact your organization. As always, we strongly encourage organizations to cut through the noise and focus on the details relevant to them, and make a decision based on that alone.

I repeat – forgive me if you’ve heard this before – but there are NO KNOWN Meltdown or Spectre exploits in the wild. Folks who run servers with sensitive data — banks, brokerage houses, military contractors, cryptocurrency exchanges — need to be concerned about Meltdown and Spectre in the near term, realizing that the data can only be snooped if you allow an unauthorized program to run on your server.

For everybody else, the first attacks (if there ever are any) are likely to come through web browsers. You need to harden your browser as soon as the update is available. You’ll want to install the new Windows patches as soon as they pass muster. And you need to get your BIOS or UEFI updated one of these days. But there’s no big rush.

What you’re witnessing is a colossal “Sky is Falling” routine, aided and abetted by folks who are going to make money from the havoc.

Clearly, Woody is off his rocker. This threat is serious man, all the news reports say so, and look how quickly the players have been moving to stop the vulnerabilities - even if it does mean (say) inadvertently crippling some of those older, or non-Intel CPUs - and are even now considering redesigning the chip hardware/firmware for the future so that we can all be safe. They wouldn't all be rushing to do that if it wasn't an imminent threat. Oh, but wait...    :o

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #12 on: January 10, 2018, 07:36 AM »
I do find the timing rather interesting with all the folks being so happy with how well Windows 10 runs on older hardware ... That now have an entirely new holy-shit-class reason to have to run out and buy brand new bleeding-edge hardware which will of course be priced to match accordingly..

But I'm never-the-less obligated to schlep through the process in the name of due diligence. Because it only takes one enterprising asshat to pair this with a broadcast based delivery system to get it into some low hanging fruit internal server from a workstation email (ala CodeRed) to turn the whole thing into a big steaming shit show.

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #13 on: January 10, 2018, 10:37 AM »
I do find the timing rather interesting...
...But I'm never-the-less obligated...
Yers, well, that's the thing about FUD: "My goodness! It just might be true! Can I take the risk?"

Kerching! Kerching!

Jibz

  • Developer
  • Joined in 2005
  • ***
  • Posts: 1,187
    • View Profile
    • Donate to Member
Re: How a researcher hacked his own computer and found 'worst' chip flaw
« Reply #14 on: January 10, 2018, 02:47 PM »
I think the problem is not so much the risk for the average user to get hit by this on his home computer (outside of browsers), but that half the web runs on AWS/Azure/Whatever, so the average user could get hit by extension when the servers running the websites they use potentially leak passwords and personal data.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
GRC released a free program to check to see if the patches for Spectre/Meltdown are installed, and if they are, how they're affecting the performance.  It also enables you to disable/enable the patches.

Easily examine and understand any Windows
system's hardware and software capability to
prevent Meltdown and Spectre attacks.

https://www.grc.com/inspectre.htm

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member
"...  A total of eight new vulnerabilities in Intel CPUs have been reported to several researcher teams to the manufacturer, which are currently still kept secret. All eight are essentially due to the same design problem that the "Meltdown and Specter for Dummies" section details - they are, so to speak, Specter Next Generation...":
https://translate.go...MFAzu-N8uaLAQMCgsMmg

https://borncity.com...ities-in-intel-cpus/
« Last Edit: May 03, 2018, 05:01 AM by panzer »

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
...And the other shoe hits the floor … Now we get to hope this thing ain't an octopus.

Christ I miss the tactile simplicity of being a mechanic - This black box crap is just a never ending battle.

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member
"... After c't exclusively documented the existence of several vulnerabilities in Intel's processors under the name Specter Next Generation last week, the first Specter NG patch was originally scheduled to be released on May 7th. However, Intel seems to be having problems getting the required updates ready in time, and therefore postponing the publication co-ordinated with the discoverers - once for 14 days, if possible even longer ...":
https://translate.go...it-text=&act=url

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member
"... Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple ...":
https://thehackernew...pectre-cpu-flaw.html

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
I'm a bit late to the party, but...

^^ Good link. Thanks. And the author is right - it is FUD, and generally, wherever one finds FUD, one will usually find an accompanying $commercial and/or a political motivation, if not simply an "ulterior" motive.
The warnings about Spectre and Meltdown weren't FUD.

As Jibz said, the prime target isn't end-user machines, but stuff running in the cloud. Thing is, more and more stuff is being moved to cloud infrastructure - email, the ecosystems for software updates on everything from phones to server and desktop operating systems, payment processors, social media, every-friggin-thing. Being able to freely dump memory of other tenants on the infrastructure? TERRIBAD!

Fortunately Meltdown was "fairly easy" to fix, and without adding that big overhead... depending on workload and whether the CPU is recent enough to support the "Process Context ID" feature.

Spectre on the other hand? It's a can of worms where the lid has just been popped off. It's a class of bugs that's very hard to totally fix, because of the way modern CPUs work - unless we're willing to give up a lot of speed. I expect we're going to see a game of whack-a-mole for a while.

Spectre is a lot harder to abuse, and doesn't give the full, well, meltdown as Meltdown did. But it's still a serious issue, and it was exploitable by Javascript code running in browsers - i.e., something that can be used to target end-users.

This was not a case of cry wolf. It was a case of "we need to fix shit, now, before people outside the NSA, GRU and GCHQ start
abusing these flaws".
- carpe noctem

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Spectre/Meltdown - now there's Foreshadow/L1TF
« Reply #21 on: August 15, 2018, 10:26 AM »
Interesting post from askwoody.com:
Foreshadow/L1TF: Another highly publicized Intel flaw, complete with its own web site and logo
Posted on August 14th, 2018 at 15:46 woody
Comment on the AskWoody Lounge
You’re going to see a whole bunch of explainers about this, yet another Meltdown/Spectre-class vulnerability in Intel processors.

Intel’s FAQ lists just about every Intel processor.

Microsoft’s FAQ explains how L1TF works.

And, yes, Foreshadow has its own web site. With a free-to-use high quality logo.

Let’s see if we get another crazy round of claims and patches — more sound and fury directed at a potential attack that, while real, hasn’t yet hit the fan.

You can tell it’s a co-ordinated disclosure because it was announced immediately after the Patch Tuesday releases.

Spectre ... Meltdown ... Foreshadow/L1TF ...
Such dramatic names!    :up:

I predict the next one to be announced ... "Paradox/WTF2"