If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Meltdown & Spectre
What's the best protection against these ?
Penalty for any cybercrime should be death ! |
Ads |
#2
|
|||
|
|||
Meltdown & Spectre
wrote
| What's the best protection against these ? | | Penalty for any cybercrime should be death ! My approach is to wait. It sounds like AMD CPUs have very little risk, anyway. And there have already been problems on some systems with patches that have been released. |
#4
|
|||
|
|||
Meltdown & Spectre
|
#5
|
|||
|
|||
Meltdown & Spectre
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:
There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it could be on Softpedia etc. -- Peter. The gods will stay away whilst religions hold sway |
#6
|
|||
|
|||
Meltdown & Spectre
PeterC wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote: There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it could be on Softpedia etc. Is it a Registry value checker ? Or an actual exploit tester ? We've been promised by one of the Meltdown/Spectre researchers, there'd be an exploit tester that could check whether you're received some kind of protection or not. For the first item, there's a Powershell script. I'm not aware of any "finished" item for the second type, as the whole process got rushed at the last minute. Is the Ashampoo a copy of someone elses program, or their own creation ? Paul |
#7
|
|||
|
|||
Meltdown & Spectre
Still the same total asshole I see ...
|
#8
|
|||
|
|||
Meltdown & Spectre
On Mon, 15 Jan 2018 02:54:55 -0500, Paul wrote:
PeterC wrote: On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote: There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it could be on Softpedia etc. Is it a Registry value checker ? Or an actual exploit tester ? We've been promised by one of the Meltdown/Spectre researchers, there'd be an exploit tester that could check whether you're received some kind of protection or not. For the first item, there's a Powershell script. I'm not aware of any "finished" item for the second type, as the whole process got rushed at the last minute. Is the Ashampoo a copy of someone elses program, or their own creation ? Paul Sorry, don't know, but this should have the details: https://www.ashampoo.com/en/usd/pin/...wn-CPU-Checker -- Peter. The gods will stay away whilst religions hold sway |
#9
|
|||
|
|||
Meltdown & Spectre
PeterC wrote:
On Mon, 15 Jan 2018 02:54:55 -0500, Paul wrote: PeterC wrote: On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote: There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. Ashampoo has released a ching tool called SpectreMeltdownCheck.exe - it could be on Softpedia etc. Is it a Registry value checker ? Or an actual exploit tester ? We've been promised by one of the Meltdown/Spectre researchers, there'd be an exploit tester that could check whether you're received some kind of protection or not. For the first item, there's a Powershell script. I'm not aware of any "finished" item for the second type, as the whole process got rushed at the last minute. Is the Ashampoo a copy of someone elses program, or their own creation ? Paul Sorry, don't know, but this should have the details: https://www.ashampoo.com/en/usd/pin/...wn-CPU-Checker Virustotal says it's clean, and it's a .NET program. A Hex Editor shows it is making Powershell calls. So it's basically piggy backing off the Microsoft program. Which means it should be as good at it, as the Microsoft powershell command line version. KVAShadowWindowsSupportPresent https://support.microsoft.com/en-us/...ngs-powershell Now, it could have actual exploit checks too, but I cannot detect that with a hex editor. Just a guess, Paul |
#10
|
|||
|
|||
Meltdown & Spectre
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote:
There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. This one just checks some Registry stuff. https://support.microsoft.com/en-ca/...ngs-powershell There's also a program, InSpectre, from grc.com: https://www.grc.com/inspectre.htm -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#11
|
|||
|
|||
Meltdown & Spectre
Stan Brown wrote:
On Sun, 14 Jan 2018 15:02:14 -0500, Paul wrote: There is also some kind of Powershell command for checking whether the identified exploits have been patched on a system yet or not. This one just checks some Registry stuff. https://support.microsoft.com/en-ca/...ngs-powershell There's also a program, InSpectre, from grc.com: https://www.grc.com/inspectre.htm All I've been able to determine so far, is it *might* be using the CPUID and the Revision number and making some shrewd guesses. This is based on testing it in a Win10 VM, and using WINE in Linux, to see how it would handle things. I'm not convinced (yet) that it's implementing exploits, like the one in the twitter message (where someone scraped info they shouldn't have been able to access). It's still a useful utility. Thinking about it, I don't think the White Hats really want to give all that much sample exploit code to the Black Hats. And maybe that's why the utilities I've tried so far (inSpectre excepted) have been registry sniffers. The other utilities just check to see if Microsoft set or made available, various registry entries. Paul |
Thread Tools | |
Display Modes | Rate This Thread |
|
|