A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Intel junk...Intel's SGX blown wide open by, you guessed it,a speculative execution attack



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old August 15th 18, 05:58 AM posted to alt.privacy.anon-server, alt.comp.os.windows-10,comp.os.linux.advocacy, comp.sys.mac.system, comp.os.vms
Designed By India H1B Engineers
external usenet poster
 
Posts: 2
Default Intel junk...Intel's SGX blown wide open by, you guessed it,a speculative execution attack

These flaws couldn't purposely be designed by foreign interests
could they?

Speculative execution attacks truly are the gift that keeps on
giving.

Another day, another speculative execution-based attack. Data
protected by Intel's SGXdata that's meant to be protected even
from a malicious or hacked kernelcan be read by an attacker
thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January
this year, security researchers have been taking a close look at
speculative execution and the implications it has for security.
All high-speed processors today perform speculative execution:
they assume certain things (a register will contain a particular
value, a branch will go a particular way) and perform
calculations on the basis of those assumptions. It's an
important design feature of these chips that's essential to
their performance, and it has been for 20 years.

But Meltdown and Spectre showed that speculative execution has
security implications. Meltdown (on most Intel and some ARM
processors) allows user applications to read the contents of
kernel memory. Spectre (on most Intel, AMD, and ARM chips) can
be used to attack software sandboxes used for JavaScript in
browsers and, under the right conditions, can allow kernel
memory or hypervisor memory to be read. In the months since they
were first publicized, we've seen new variants: speculative
store bypass, speculative buffer overflows, and even a remotely
exploitable version of Spectre.

What's in store today? A new Meltdown-inspired attack on Intel's
SGX, given the name Foreshadow by the researchers who found it.
Two groups of researchers found the vulnerability independently:
a team from KU Leuven in Belgium reported it to Intel in early
Januaryjust before Meltdown and Spectre went publicand a
second team from the University of Michigan, University of
Adelaide, and Technion reported it three weeks later.

Continued.

https://arstechnica.com/gadgets/2018...gx-blown-wide-
open-by-you-guessed-it-a-speculative-execution-attack/

Ads
  #2  
Old August 15th 18, 06:33 AM posted to alt.privacy.anon-server, alt.comp.os.windows-10,comp.os.linux.advocacy,comp.sys.mac.system,comp.os.vms
Your Friendly Neighbourhood Puppy Whistle Holder Emeritus 🐶笛
external usenet poster
 
Posts: 10
Default Intel junk...Intel's SGX blown wide open by, you guessed it, aspeculative execution attack

On Wed, 15 Aug 2018 06:58:48 +0200 (CEST), LO AND BEHOLD; "Designed By
India H1B Engineers " determined that the following was
of great importance and subsequently decided to freely share it with us
in :

These flaws couldn't purposely be designed by foreign interests could
they?

Speculative execution attacks truly are the gift that keeps on giving.

Another day, another speculative execution-based attack. Data protected
by Intel's SGX�data that's meant to be protected even from a malicious
or hacked kernel�can be read by an attacker thanks to leaks enabled by
speculative execution.

Since publication of the Spectre and Meltdown attacks in January this
year, security researchers have been taking a close look at speculative
execution and the implications it has for security. All high-speed
processors today perform speculative execution: they assume certain
things (a register will contain a particular value, a branch will go a
particular way) and perform calculations on the basis of those
assumptions. It's an important design feature of these chips that's
essential to their performance, and it has been for 20 years.

But Meltdown and Spectre showed that speculative execution has security
implications. Meltdown (on most Intel and some ARM processors) allows
user applications to read the contents of kernel memory. Spectre (on
most Intel, AMD, and ARM chips) can be used to attack software
sandboxes used for JavaScript in browsers and, under the right
conditions, can allow kernel memory or hypervisor memory to be read. In
the months since they were first publicized, we've seen new variants:
speculative store bypass, speculative buffer overflows, and even a
remotely exploitable version of Spectre.

What's in store today? A new Meltdown-inspired attack on Intel's SGX,
given the name Foreshadow by the researchers who found it. Two groups
of researchers found the vulnerability independently: a team from KU
Leuven in Belgium reported it to Intel in early January�just before
Meltdown and Spectre went public�and a second team from the University
of Michigan, University of Adelaide, and Technion reported it three
weeks later.

Continued.

https://arstechnica.com/gadgets/2018...gx-blown-wide-
open-by-you-guessed-it-a-speculative-execution-attack/


most of your typical news readers won't show all of the "�" chars in your copypasta.

--
THIS SPACE FOR RENT
https://www.youtube.com/watch?v=iB6B8jGSdLA

"Thanks to muzzies and their apologist-enablers like puppy whistle, this
seems to be the new norm in the world. It's spreading like a cancer,
and it's time we admit we're at war with pure evil. We need to put an
end to this muzzie plague, or life on Earth is going to become pure hell
everywhere. We need to get these people out of every civilized
country, and there's only one way to do it. IOW, we have to become
like them, with an emphasis on expediency over cruelty." - Checkmate (of alt.checkmate)

"Pussy Willow has just proven that Trump's crackdown on previously
unenforced immigration policies is working. We'll deal with the domestic
terrorists as needed, but we don't need to be letting the muzzie
terrorists get a foothold in our country too. One need only look at what
they're doing in Europe right now to know we're doing the right thing by
keeping them out, which is our right and our duty. - Checkmate (#1 pussy willow fan)

-

"You just made puppy whistle's sig line longer." - Janithor

-

"If I have a complaint about the (Southern Poverty) Law Center's description (of the alt-right movement), it is the phrase "heavy use of social media," which implies the alt-right is a real-world movement which uses a lot of social media. This is backwards: it is an online movement which occasionally appears in the real world. Where it gets punched." - Jason Rhode

-

"I think we should destroy every last ****ing mosque in America." - "Checkmate, DoW #1" proves for us that white males are violent in Message-ID:

-

Golden Killfile, June 2005
KOTM, November 2006
Bob Allisat Memorial Hook, Line & Sinker, November 2006
Special Ops Cody Memorial Purple Heart, November 2006
Special Ops Cody Memorial Purple Heart, September 2007
Tony Sidaway Memorial "Drama Queen" Award, November 2006
Busted Urinal Award, April 2007
Order of the Holey Sockpuppet, September 2007
Barbara Woodhouse Memorial Dog Whistle, September 2006
Barbara Woodhouse Memorial Dog Whistle, April 2008
Tinfoil Sombrero, February 2007
AUK Mascot, September 2007
Putting the Awards Out of Order to Screw With the OCD ****heads, March 2016

 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 06:28 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright 2004-2024 PCbanter.
The comments are property of their posters.