If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/
|
Ads |
#2
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-27, Anonymous wrote:
https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ Except it can't. (or rather at the rate of about 1 bit per hour, which of course is useless if the cache actually changes in that time.. And if you have defened yoursef against spectre, this is useless. |
#3
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-27, Anonymous wrote:
https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ I can't see from paper how they can get data without application being on victim machine? -- press any key to continue or any other to quit... |
#4
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 28/07/18 05:59, Melzzzzz wrote:
On 2018-07-27, Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ I can't see from paper how they can get data without application being on victim machine? They infer from visible net performance. -- There is nothing a fleet of dispatchable nuclear power plants cannot do that cannot be done worse and more expensively and with higher carbon emissions and more adverse environmental impact by adding intermittent renewable energy. |
#5
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-28, The Natural Philosopher wrote:
On 28/07/18 05:59, Melzzzzz wrote: On 2018-07-27, Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ I can't see from paper how they can get data without application being on victim machine? They infer from visible net performance. Hm, net performance have many factors, besides I can't see how they can conclude anything from that. -- press any key to continue or any other to quit... |
#6
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 28/07/18 06:45, Melzzzzz wrote:
On 2018-07-28, The Natural Philosopher wrote: On 28/07/18 05:59, Melzzzzz wrote: On 2018-07-27, Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ I can't see from paper how they can get data without application being on victim machine? They infer from visible net performance. Hm, net performance have many factors, besides I can't see how they can conclude anything from that. Thats why you are a user and they are hackers Did you ever read of the famouys case of the German WWII captured tank gearboxes? Examination of the serial numbers led them to conclude that the productuion rate was far more limited than they believed at the time. This turned out to be the case. -- Climate Change: Socialism wearing a lab coat. |
#7
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
William Unruh writes:
Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ Except it can't. (or rather at the rate of about 1 bit per hour, which of course is useless if the cache actually changes in that time.. I think you should at least skim the paper before commenting. 1) The reason it takes so long is that the network introduces a lot of noise, so it requires many iterations of the attack to get a clear signal. 2) Each iteration is fast and independent of the others; there is no need for the cache to remain unmodified for an extended period. 3) They introduce a novel microarchitectural side channel which does not use the cache. And if you have defened yoursef against spectre, this is useless. They specifically address this point; the existing Spectre mitigations do not close the AVX side channel. -- https://www.greenend.org.uk/rjk/ |
#8
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-28, The Natural Philosopher wrote:
On 28/07/18 06:45, Melzzzzz wrote: On 2018-07-28, The Natural Philosopher wrote: On 28/07/18 05:59, Melzzzzz wrote: On 2018-07-27, Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ I can't see from paper how they can get data without application being on victim machine? They infer from visible net performance. Hm, net performance have many factors, besides I can't see how they can conclude anything from that. Thats why you are a user and they are hackers Did you ever read of the famouys case of the German WWII captured tank gearboxes? Examination of the serial numbers led them to conclude that the productuion rate was far more limited than they believed at the time. This turned out to be the case. I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? -- press any key to continue or any other to quit... |
#9
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
Melzzzzz writes:
I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? The paper is not hard to find: https://misc0110.net/web/files/netspectre.pdf -- https://www.greenend.org.uk/rjk/ |
#10
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-28, Richard Kettlewell wrote:
Melzzzzz writes: I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? The paper is not hard to find: https://misc0110.net/web/files/netspectre.pdf I have skimmed over paper, yet I see they need server side application... -- press any key to continue or any other to quit... |
#11
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
Melzzzzz writes:
On 2018-07-28, Richard Kettlewell wrote: Melzzzzz writes: I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? The paper is not hard to find: https://misc0110.net/web/files/netspectre.pdf I have skimmed over paper, yet I see they need server side application... Sure. It’s a perfectly good proof of concept though. Doesn’t mean you can’t find suitable gadgets in production code. (& unverifiable rumour suggests they already they have, in which case they may well be waiting for mitigations to be available before going public.) -- https://www.greenend.org.uk/rjk/ |
#12
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 28/07/18 11:43, Melzzzzz wrote:
On 2018-07-28, Richard Kettlewell wrote: Melzzzzz writes: I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? The paper is not hard to find: https://misc0110.net/web/files/netspectre.pdf I have skimmed over paper, yet I see they need server side application... Nope, they dont. -- Of what good are dead warriors? … Warriors are those who desire battle more than peace. Those who seek battle despite peace. Those who thump their spears on the ground and talk of honor. Those who leap high the battle dance and dream of glory … The good of dead warriors, Mother, is that they are dead. Sheri S Tepper: The Awakeners. |
#13
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
"Melzzzzz" wrote
| I have skimmed over paper, yet I see they need server side | application... | Yes. Not even really server-side. They only tested what apparently was a trusted connection over a network. With a 1 Gb connection they get 4 bytes/hour, from a machine that has reason to let them in. On my cable connection that would be about 4 bytes per day; presumably 4 arbitrary bytes. It wasn't clear to me what protocol they're using to get into the other computer, but with networked computers there's already no security to speak of. Who needs a byte-thief when you've got DCOM, file sharing, Remote Desktop, and Remote Registry? What they didn't do was to test an actual situation: Trying to grab enough arbitrary RAM data, while you load their webpage, to figure out your credit card number, assuming they've been able to take control of a website that you visit. What always gets me about these things is that the people who get most worked up are typically running without a firewall, have networking functions enabled, allow javascript and iframes on webpages, bank online, and shop online using credit cards. So they have lots of data worth stealing and no security to protect it. They're leaving the front door wide open while they worry that an ant might crawl through a hole behind the 2nd floor gutter, make it to the kitchen, and steal a grain of rice that's fallen on the floor there.... which seems to be pretty much what this attack is. But there is a perverse kind of logic to that: If you concentrate on patching holes behind your gutter then you don't have to deal with the "hassle" of locking and unlocking your front door. The trick is to feel secure without any inconvenience. |
#14
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via NetworkConnections
On 2018-07-28, Melzzzzz wrote:
On 2018-07-28, Richard Kettlewell wrote: Melzzzzz writes: I still can't see how anything related to network can be used to conclude that some data is from cache or memory. Care to explain how that can be concluded from eg communication with web server? The paper is not hard to find: https://misc0110.net/web/files/netspectre.pdf I have skimmed over paper, yet I see they need server side application... Yes, but the point is that they may well already be there in the code that the server runs to do what it needs to do. Ie, the writer of say ssh, or of the network stack, or.... needs to code in such a way that none of the resultant code gives the attacker the means to determine that bit via the attack. He sends a bunch of packets to the server. These are crafted to trigger the speculative execution or not, and the timing of the return packets can give him information. You could call these software bugs, but they are not bugs in any traditional sense, and not in any sense that the coder knows how to avoid. The software works exactly as expected. It is just that with the right trigger, it takes slightly longer to perform or not depending on the value of the bit the attacker wants to determine. Thus, if the ssh code has one of these "bugs" the attacker may be able to determine the bits in the ssh password. Do not ask me how. I have not idea, but the above is what I have gleaned from a quick reading of the paper. So their "gagets" are code which is already on the system in the operating system/kernel software. The attacker just has to identify them. So yes, it can be mitigated in software, but how in the hell do you analyse the code to identify all of the possible ways in which every snippet of code could be used in such an attack? |
#15
|
|||
|
|||
New NetSpectre Attack Can Steal CPU Secrets via Network Connections
Nomen Nescio laid this down on his screen :
In article William Unruh wrote: On 2018-07-27, Anonymous wrote: https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ Except it can't. (or rather at the rate of about 1 bit per hour, which of course is useless if the cache actually changes in that time.. And if you have defened yoursef against spectre, this is useless. I love scary computer stories at bedtime. I love the sell of infected computers in the morning. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|