If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Intel junk...Intel's SGX blown wide open by, you guessed it,a speculative execution attack
These flaws couldn't purposely be designed by foreign interests
could they? Speculative execution attacks truly are the gift that keeps on giving. Another day, another speculative execution-based attack. Data protected by Intel's SGXdata that's meant to be protected even from a malicious or hacked kernelcan be read by an attacker thanks to leaks enabled by speculative execution. Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years. But Meltdown and Spectre showed that speculative execution has security implications. Meltdown (on most Intel and some ARM processors) allows user applications to read the contents of kernel memory. Spectre (on most Intel, AMD, and ARM chips) can be used to attack software sandboxes used for JavaScript in browsers and, under the right conditions, can allow kernel memory or hypervisor memory to be read. In the months since they were first publicized, we've seen new variants: speculative store bypass, speculative buffer overflows, and even a remotely exploitable version of Spectre. What's in store today? A new Meltdown-inspired attack on Intel's SGX, given the name Foreshadow by the researchers who found it. Two groups of researchers found the vulnerability independently: a team from KU Leuven in Belgium reported it to Intel in early Januaryjust before Meltdown and Spectre went publicand a second team from the University of Michigan, University of Adelaide, and Technion reported it three weeks later. Continued. https://arstechnica.com/gadgets/2018...gx-blown-wide- open-by-you-guessed-it-a-speculative-execution-attack/ |
Ads |
#2
|
|||
|
|||
Intel junk...Intel's SGX blown wide open by, you guessed it, aspeculative execution attack
On Wed, 15 Aug 2018 06:58:48 +0200 (CEST), LO AND BEHOLD; "Designed By
India H1B Engineers " determined that the following was of great importance and subsequently decided to freely share it with us in : These flaws couldn't purposely be designed by foreign interests could they? Speculative execution attacks truly are the gift that keeps on giving. Another day, another speculative execution-based attack. Data protected by Intel's SGX�data that's meant to be protected even from a malicious or hacked kernel�can be read by an attacker thanks to leaks enabled by speculative execution. Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years. But Meltdown and Spectre showed that speculative execution has security implications. Meltdown (on most Intel and some ARM processors) allows user applications to read the contents of kernel memory. Spectre (on most Intel, AMD, and ARM chips) can be used to attack software sandboxes used for JavaScript in browsers and, under the right conditions, can allow kernel memory or hypervisor memory to be read. In the months since they were first publicized, we've seen new variants: speculative store bypass, speculative buffer overflows, and even a remotely exploitable version of Spectre. What's in store today? A new Meltdown-inspired attack on Intel's SGX, given the name Foreshadow by the researchers who found it. Two groups of researchers found the vulnerability independently: a team from KU Leuven in Belgium reported it to Intel in early January�just before Meltdown and Spectre went public�and a second team from the University of Michigan, University of Adelaide, and Technion reported it three weeks later. Continued. https://arstechnica.com/gadgets/2018...gx-blown-wide- open-by-you-guessed-it-a-speculative-execution-attack/ most of your typical news readers won't show all of the "�" chars in your copypasta. -- THIS SPACE FOR RENT https://www.youtube.com/watch?v=iB6B8jGSdLA "Thanks to muzzies and their apologist-enablers like puppy whistle, this seems to be the new norm in the world. It's spreading like a cancer, and it's time we admit we're at war with pure evil. We need to put an end to this muzzie plague, or life on Earth is going to become pure hell everywhere. We need to get these people out of every civilized country, and there's only one way to do it. IOW, we have to become like them, with an emphasis on expediency over cruelty." - Checkmate (of alt.checkmate) "Pussy Willow has just proven that Trump's crackdown on previously unenforced immigration policies is working. We'll deal with the domestic terrorists as needed, but we don't need to be letting the muzzie terrorists get a foothold in our country too. One need only look at what they're doing in Europe right now to know we're doing the right thing by keeping them out, which is our right and our duty. - Checkmate (#1 pussy willow fan) - "You just made puppy whistle's sig line longer." - Janithor - "If I have a complaint about the (Southern Poverty) Law Center's description (of the alt-right movement), it is the phrase "heavy use of social media," which implies the alt-right is a real-world movement which uses a lot of social media. This is backwards: it is an online movement which occasionally appears in the real world. Where it gets punched." - Jason Rhode - "I think we should destroy every last ****ing mosque in America." - "Checkmate, DoW #1" proves for us that white males are violent in Message-ID: - Golden Killfile, June 2005 KOTM, November 2006 Bob Allisat Memorial Hook, Line & Sinker, November 2006 Special Ops Cody Memorial Purple Heart, November 2006 Special Ops Cody Memorial Purple Heart, September 2007 Tony Sidaway Memorial "Drama Queen" Award, November 2006 Busted Urinal Award, April 2007 Order of the Holey Sockpuppet, September 2007 Barbara Woodhouse Memorial Dog Whistle, September 2006 Barbara Woodhouse Memorial Dog Whistle, April 2008 Tinfoil Sombrero, February 2007 AUK Mascot, September 2007 Putting the Awards Out of Order to Screw With the OCD ****heads, March 2016 |
Thread Tools | |
Display Modes | Rate This Thread |
|
|