
News NetSpectre vuln allows remote Spectre exploitation

Discussion in 'Article Discussion' started by bit-tech, 27 Jul 2018.

  1. bit-tech

    bit-tech Supreme Overlord Staff Administrator

    Joined:
    12 Mar 2001
    Posts:
    1,244
    Likes Received:
    21
    Read more
     
  2. Chicken76

    Chicken76 Member

    Joined:
    10 Nov 2009
    Posts:
    864
    Likes Received:
    21
    Holy Grandmother-of-All-Vulnerabilities, how?! How do you read memory contents over the network?
     
  3. B1GBUD

    B1GBUD ¯\_(ツ)_/¯

    Joined:
    29 May 2008
    Posts:
    3,162
    Likes Received:
    349
    Probably with quite a lot of luck, I would imagine. Surely address space randomisation means that data rarely gets stored in the same place twice?
     
  4. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    10,553
    Likes Received:
    792
    I refer you to Section 5.2 of the linked paper, 'Remotely Breaking ASLR [Address Space Layout Randomisation] on the Target System.'
     
  5. Anfield

    Anfield Well-Known Member

    Joined:
    15 Jan 2010
    Posts:
    3,717
    Likes Received:
    180
    It is explained at the bottom:


    Translation:
    The basic access restrictions which are used as a foundation to build security on have been swallowed by a sinkhole named Spectre, and not installing the updates to plug that hole is about as responsible as announcing on Facebook that you will be on holiday next week and that the key is under the door mat.
     
    Gareth Halfacree likes this.
  6. adidan

    adidan Avatar is back out of season.

    Joined:
    25 Mar 2009
    Posts:
    11,979
    Likes Received:
    741
    I'd feel more secure if Asus had a more recent BIOS than 2016.
     
  7. B1GBUD

    B1GBUD ¯\_(ツ)_/¯

    Joined:
    29 May 2008
    Posts:
    3,162
    Likes Received:
    349
    Well, of course I didn't read the paper, silly!

    So you'd still need a lot of luck.... no? And leaking at a rate of 15 bits per hour?

    https://www.theregister.co.uk/2018/07/26/netspectre_network_leak/
     
    Last edited: 27 Jul 2018
    edzieba likes this.
  8. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    2,444
    Likes Received:
    125
    The main upshot of the discovery of SPECTRE class attacks is to add one more thing you need to consider when hardening your software (alongside "don't try and read from empty buffers" and "don't try and write to full buffers"). Removing Speculative Execution from CPUs is about as likely as removing internal caches. You can technically do without it, but you won't like it.
     
    B1GBUD likes this.
  9. jb0

    jb0 Member

    Joined:
    8 Apr 2012
    Posts:
    288
    Likes Received:
    16
    As hilarious as that is, the pedant in me insists on pointing out that you can have branches without speculation. The 486 that Doom targeted was such a processor.

    So it will indeed be devastating to performance, but more like fifty percent than fifty-thousand percent.
     
  10. Alecto

    Alecto Member

    Joined:
    20 Apr 2012
    Posts:
    130
    Likes Received:
    1
    But, but ... I'm only leaving for vacation the week after?!
     