1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News NetSpectre vuln allows remote Spectre exploitation

Discussion in 'Article Discussion' started by bit-tech, 27 Jul 2018.

  1. bit-tech

    bit-tech Supreme Overlord Staff Administrator

    Joined:
    12 Mar 2001
    Posts:
    1,703
    Likes Received:
    32
    Read more
     
  2. Chicken76

    Chicken76 Member

    Joined:
    10 Nov 2009
    Posts:
    897
    Likes Received:
    22
    Holy Grandmother-of-All-Vulnerabilities, how?! How do you read memory contents over the network?
     
  3. B1GBUD

    B1GBUD ¯\_(ツ)_/¯ Accidentally Funny

    Joined:
    29 May 2008
    Posts:
    3,234
    Likes Received:
    375
    Probably with quite a lot of luck I would imagine, surely address space randomisation means that data rarely gets stored in the same place twice?
     
  4. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    11,360
    Likes Received:
    1,252
    I refer you to Section 5.2 of the linked paper, 'Remotely Breaking ASLR [Address Space Layout Randomisation] on the Target System.'
     
  5. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    4,245
    Likes Received:
    251
    It is explained at the bottom:


    Translation:
    The basic access restrictions which are used as a foundation to build security on have been swallowed by a sink hole named Spectre and not installing the updates to plug that hole is about as responsible as announcing on facebook that you will be on holiday next week and that the key is under the door mat.
     
    Gareth Halfacree likes this.
  6. adidan

    adidan End of season avatar. 50% reduction.

    Joined:
    25 Mar 2009
    Posts:
    12,610
    Likes Received:
    1,029
    I'd feel more secure if Asus had a more recent bios than 2016
     
  7. B1GBUD

    B1GBUD ¯\_(ツ)_/¯ Accidentally Funny

    Joined:
    29 May 2008
    Posts:
    3,234
    Likes Received:
    375
    Well of course I didn't read the paper silly!

    So you'd still need a lot of luck.... no? And leaking at a rate of 15 bits per hour?

    https://www.theregister.co.uk/2018/07/26/netspectre_network_leak/
     
    Last edited: 27 Jul 2018
    edzieba likes this.
  8. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    2,825
    Likes Received:
    196
    The main upshot of the discovery of SPECTRE class attacks is to add one more thing you need to consider when hardening your software (alongside "don't try and read from empty buffers" and "don't try and write to full buffers"). Removing Speculative Execution from CPUs is about as likely as removing internal caches. You can technically do without it, but you won't like it.
     
    B1GBUD likes this.
  9. jb0

    jb0 Active Member

    Joined:
    8 Apr 2012
    Posts:
    378
    Likes Received:
    36
    As hilarious as that is, the pedant in me insists on pointing out that you can have branches without speculation. The 486 that Doom targeted was such a processor.

    So it will indeed be devastating to performance, but more like fifty percent than fifty-thousand percent.
     
  10. Alecto

    Alecto Member

    Joined:
    20 Apr 2012
    Posts:
    131
    Likes Received:
    1
    But, but ... I'm only leaving for vacation the week after?!
     
Tags: Add Tags

Share This Page