1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News NetSpectre vuln allows remote Spectre exploitation

Discussion in 'Article Discussion' started by bit-tech, 27 Jul 2018.

  1. bit-tech

    bit-tech Supreme Overlord Lover of bit-tech Administrator

    Joined:
    12 Mar 2001
    Posts:
    3,676
    Likes Received:
    138
    Read more
     
  2. Chicken76

    Chicken76 Minimodder

    Joined:
    10 Nov 2009
    Posts:
    952
    Likes Received:
    32
    Holy Grandmother-of-All-Vulnerabilities, how?! How do you read memory contents over the network?
     
  3. B1GBUD

    B1GBUD ¯\_(ツ)_/¯ Accidentally Funny

    Joined:
    29 May 2008
    Posts:
    3,501
    Likes Received:
    522
    Probably with quite a lot of luck I would imagine, surely address space randomisation means that data rarely gets stored in the same place twice?
     
  4. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    16,125
    Likes Received:
    5,051
    I refer you to Section 5.2 of the linked paper, 'Remotely Breaking ASLR [Address Space Layout Randomisation] on the Target System.'
     
  5. Anfield

    Anfield Multimodder

    Joined:
    15 Jan 2010
    Posts:
    7,009
    Likes Received:
    952
    It is explained at the bottom:


    Translation:
    The basic access restrictions which are used as a foundation to build security on have been swallowed by a sink hole named Spectre and not installing the updates to plug that hole is about as responsible as announcing on facebook that you will be on holiday next week and that the key is under the door mat.
     
    Gareth Halfacree likes this.
  6. adidan

    adidan Guesswork is still work

    Joined:
    25 Mar 2009
    Posts:
    18,600
    Likes Received:
    4,371
    I'd feel more secure if Asus had a more recent bios than 2016
     
  7. B1GBUD

    B1GBUD ¯\_(ツ)_/¯ Accidentally Funny

    Joined:
    29 May 2008
    Posts:
    3,501
    Likes Received:
    522
    Well of course I didn't read the paper silly!

    So you'd still need a lot of luck.... no? And leaking at a rate of 15 bits per hour?

    https://www.theregister.co.uk/2018/07/26/netspectre_network_leak/
     
    Last edited: 27 Jul 2018
    edzieba likes this.
  8. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    The main upshot of the discovery of SPECTRE class attacks is to add one more thing you need to consider when hardening your software (alongside "don't try and read from empty buffers" and "don't try and write to full buffers"). Removing Speculative Execution from CPUs is about as likely as removing internal caches. You can technically do without it, but you won't like it.
     
    B1GBUD likes this.
  9. jb0

    jb0 Minimodder

    Joined:
    8 Apr 2012
    Posts:
    555
    Likes Received:
    93
    As hilarious as that is, the pedant in me insists on pointing out that you can have branches without speculation. The 486 that Doom targeted was such a processor.

    So it will indeed be devastating to performance, but more like fifty percent than fifty-thousand percent.
     
  10. Alecto

    Alecto Minimodder

    Joined:
    20 Apr 2012
    Posts:
    134
    Likes Received:
    1
    But, but ... I'm only leaving for vacation the week after?!
     
Tags: Add Tags

Share This Page