« previous next »
Pages: 1 2 3 4 5 6 [7]

Author Topic: Virtually every bit of computer security has been uncovered as broken  (Read 7573 times)

Metario

January 04, 2018, 07:36:38 PM
Quote from: Platypi on January 04, 2018, 06:35:51 PM
I believe this article is refering to Meltdown, which exclusively impacts Intel processors.

Spectre, on the other hand, has a much more far reaching impact, and one that will be harder to fix, too. Here's info on Spectre. Definitely give it a read, as it almost undoubtably affects you. Here's a quote from the paper.

So basically, everyone is vulnerable. Furthermore, in the paper, they demonstrate how the attack can be launched through JavaScript. In other words, an attack launched through your browser can read private processor memory. This is really bad. On the brightside, this will probably lead to an influx of investment and research into processor security, which is good.

I wouldn't bother freaking out too much. As of yet, we do not know of any attacks in the wild that use Spectre or Meltdown. After all, this exploit was independently discovered in a research labs, so malevolent actors likely haven't had enough time to adopt these attack methods yet. That's not to say they aren't scrambling to put something together, though. People are slow to update their hardware and OS, so it's likely these are vulnerabilities that will remain effective for years to come. Just don't be those shmucks; make sure to update your computers regularly, especially in coming weeks.
Spectre has already been patched for AMD systems.

Ad Bot

Advertisement

Mr Queeba

January 04, 2018, 07:43:09 PM
Quote from: Metario on January 04, 2018, 07:36:38 PM
Spectre has already been patched for AMD systems.
source?
edit: looked into it.

apparently variants 1 and 2 are spectre, and variant 3 is meltdown
if im hearing this right, amd is saying that variant 1 can be fixed in software without performance issues, and that variants 2 and 3 arent an issue on their cpus
« Last Edit: January 04, 2018, 07:49:12 PM by Mr Queeba »

Platypi

January 04, 2018, 08:50:48 PM
Quote from: Metario on January 04, 2018, 07:36:38 PM
Spectre has already been patched for AMD systems.
I am aware. As the Spectre paper stated...

Quote
While makeshift processor-specific countermeasures
are possible in some cases, sound solutions will require
fixes to processor designs as well as updates to instruction
set architectures (ISAs) to give hardware architects
and software developers a common understanding as to
what computation state CPU implementations are (and
are not) permitted to leak.

So Spectre's impact can be mitigated on some architectures, but not others, if I'm understanding it correctly.
« Last Edit: January 04, 2018, 08:53:26 PM by Platypi »
Pages: 1 2 3 4 5 6 [7]
« previous next »