Massive CPU Security Flaws Revealed


#302

Spectre patches require CPU microcode and BIOS firmware updates, and likely will include recompiles of every program running on your computer as well to add that retpoline mitigation stuff.


#303

So… no, I don’t have the fix yet?


#304

Probably not, unless you updated your BIOS.


#305

No BIOS updates for my mobo (ASUS).

Not that I run VMs at home anyway, isn’t that all this exploit does? Allow your VM to see the host/other VMs?


#306

No, that’s just a great example of how bad this exploit is. When it can breach the hypervisor, well, that’s when shit gets real.


#307

Intel microcode has been updated for some Linux distributions (including mine), so it’s going around already, it seems.


#308

Like what? What else can the exploit do?


#309

At its most basic it allows any code to read other memory slots on the computer. So imagine javascript being able to read your password manager’s memory.


#310

But in order to utilize this exploit, an attacker would have to have already breached my firewalls and be on my local system, correct?


#311

Yes. But even javascript has been shown to be able to do it. Granted they think they have that patched out now but… eh. Maybe/maybe not.

By itself it probably doesn’t look too bad, it’s when it gets combined with other zero day exploits things start to get scary.


#312

Now, instead of a kitten photo, imagine that someone can now read every one of your passwords, as well as encryption keys.


#313

But again, only if they can get to that part of my system’s memory. Right?


#314

Kinda, except that theoretically this can be injected into Javascript, which can infect your computer just by visiting a website that is serving the infected code.


#315

What about using Chrome with a script blocker, like uScript?


#316

Basically it allows one process to see other processes’ memory by tricking the CPU. Imagine that processes have their personal space - much like each individual person in a public restroom doing number 2. And then someone pops a mirror on a selfie stick and starts checking other people’s privates.

And to build upon that terrible metaphor, you could say Intel is itself doing number 2 and we’re all inside that white ceramic bowl, trying to figure out how to breathe again. Or something.


#317

The hypervisor is big for cloud companies because you can literally have dozens of companies sharing the same machine; if any of them is a bad actor, they can run code that lets them breach the hypervisor and see what everyone else on the machine is literally doing at that moment.


#318

Depending on how tight your settings are on uScript, that should mitigate that vector.


#319

That might make you more impervious to an attack via browser, but not other sources. And the modern web will be nearly unusable for you.


#320

If you can escape VMs, you can do pretty much anything.

My motherboard does have an updated BIOS for Spectre, but I’m not updating just yet as there are reports of unexpected reboots.


#321

Er, that’s not true. I’ve been using ublock for years now and the pages I go to seem to work just fine.

And what other sources besides browsers are we talking about? Opening strange email attachments? Letting a strange remote into my PC because he cold called me and insists there is a problem with my PC? I mean, I kind of doubt for the average home user this exploit is a bigger problem than other ransomware, virus, nonsense that people fall for. Not yet, anyway.