Posted on 02/19/2018 3:53:27 PM PST by Swordmaker
MeltdownPrime and SpectrePrime, found by Princeton and NVIDIA researchers, may require significant hardware changes to be mitigated.
Security researchers from NVIDIA and Princeton have discovered new variants of the Meltdown and Spectre flaws that may be more difficult to tackle than the originals. Dubbed MeltdownPrime and SpectrePrime, these flaws were further detailed in a recent research paper.
The software changes already underway will likely take care of these two exploits, but the coming hardware fixes won't, the researchers noted in the paper. The researchers said they believe the "hardware protection against them will be distinct," which means that chip makers may need to further change their designs to mitigate the threats.
After creating their own tool to synthesize the Spectre and Meltdown flaws, the researchers were able to use their findings to conduct side-channel attacks, or attacks that take advantage of the physical hardware related to a system's security. The side-channel attacks in this exploit are cache-based and rely on the timing of cache activity to glean information, the report said.
(Excerpt) Read more at techrepublic.com ...
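An added illustration, not code from the TechRepublic article or from the Princeton/NVIDIA paper: the excerpt says the leak is "cache-based" and relies "on the timing of cache activity", and the C program below shows the smallest version of that idea, a Flush+Reload probe on x86-64. A "victim" touches one of 256 page-sized slots chosen by a secret byte; the "attacker" evicts every slot with clflush beforehand, times a reload of each slot afterward, and the one slot that comes back fast names the byte. The paper's own variants use a different, invalidation-based Prime+Probe primitive, so this demonstrates the class of side channel, not the paper's attack. The slot layout, the calibration rule (midpoint of the median hit and miss latencies), the probe permutation, the sample string "Prime" and every function name are this example's own assumptions.

```c
#define _POSIX_C_SOURCE 200112L  /* for posix_memalign */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <x86intrin.h>   /* __rdtscp, _mm_clflush, _mm_mfence, _mm_lfence */
#define HAVE_X86 1
#else
#define HAVE_X86 0       /* off x86 the timing helpers degrade to no-ops */
#endif

#define SLOTS 256        /* one probe slot per possible byte value */
#define SLOT_STRIDE 4096 /* one page per slot so the prefetcher does not pull neighbours in */
#define CAL_ROUNDS 32

/* Evict the cache line holding p from every cache level. */
static void flush_line(const void *p) {
#if HAVE_X86
    _mm_clflush(p);
    _mm_mfence();
#else
    (void)p;
#endif
}

/* Time one load of *p in TSC ticks, fenced so the measurement brackets only that load. */
static uint64_t time_load(const uint8_t *p) {
#if HAVE_X86
    unsigned aux;
    uint8_t v;
    _mm_mfence();
    _mm_lfence();
    uint64_t t0 = __rdtscp(&aux);
    v = *(volatile const uint8_t *)p;
    uint64_t t1 = __rdtscp(&aux);
    _mm_lfence();
    __asm__ volatile("" : : "r"(v) : "memory"); /* keep the load from being optimised away */
    return t1 - t0;
#else
    (void)p;
    return 0;
#endif
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

static uint64_t median(uint64_t *v, size_t n) {
    qsort(v, n, sizeof *v, cmp_u64);
    return v[n / 2];
}

/* Hit/miss threshold: midpoint between the median cached and median flushed latency (assumed rule). */
uint64_t choose_threshold(uint64_t *cached, uint64_t *flushed, size_t n) {
    return (median(cached, n) + median(flushed, n)) / 2;
}

int is_cache_hit(uint64_t cycles, uint64_t threshold) { return cycles < threshold; }

/* Measure warm and evicted loads of the first slot and derive the threshold for this machine. */
static uint64_t calibrate(uint8_t *buf) {
    uint64_t cached[CAL_ROUNDS], flushed[CAL_ROUNDS];
    for (int i = 0; i < CAL_ROUNDS; i++) {
        (void)time_load(buf);        /* warm the line */
        cached[i] = time_load(buf);
        flush_line(buf);
        flushed[i] = time_load(buf);
    }
    return choose_threshold(cached, flushed, CAL_ROUNDS);
}

/* "Victim": touches exactly the slot selected by the byte it is working on. */
static void victim_touch(uint8_t *buf, uint8_t secret) {
    uint8_t v = *(volatile uint8_t *)(buf + (size_t)secret * SLOT_STRIDE);
    __asm__ volatile("" : : "r"(v) : "memory");
}

/* Flush+Reload: evict all slots, let the victim run, time every slot; the fastest one
 * below the threshold is the secret byte. Returns -1 when nothing looks like a hit. */
static int recover_byte(uint8_t *buf, uint8_t secret, uint64_t threshold) {
    for (int i = 0; i < SLOTS; i++) flush_line(buf + (size_t)i * SLOT_STRIDE);
    victim_touch(buf, secret);
    int best = -1;
    uint64_t best_t = UINT64_MAX;
    for (int k = 0; k < SLOTS; k++) {
        int i = (k * 167 + 13) & 0xff;   /* odd multiplier: visits each slot once, in a scrambled order */
        uint64_t t = time_load(buf + (size_t)i * SLOT_STRIDE);
        if (t < best_t) { best_t = t; best = i; }
    }
    return is_cache_hit(best_t, threshold) ? best : -1;
}

int main(void) {
    uint8_t *buf = NULL;
    if (posix_memalign((void **)&buf, SLOT_STRIDE, (size_t)SLOTS * SLOT_STRIDE) != 0) return 1;
    memset(buf, 1, (size_t)SLOTS * SLOT_STRIDE);   /* fault the pages in before timing anything */
    uint64_t thr = calibrate(buf);
    const char *secret = "Prime";                   /* constructed sample input for the "victim" */
    printf("hit/miss threshold: %llu ticks\n", (unsigned long long)thr);
    for (size_t i = 0; secret[i]; i++) {
        int got = recover_byte(buf, (uint8_t)secret[i], thr);
        printf("victim touched slot '%c', probe recovered %d ('%c')\n",
               secret[i], got, got >= 0 ? (char)got : '?');
    }
    free(buf);
    return 0;
}
```

Run it on an idle x86-64 machine and each line of output should name the byte the victim touched; on a noisy host or inside a VM with a coarsened TSC the occasional miss or wrong slot is exactly the noise that real attacks average away over repeated trials. The point of the calibration step is that no absolute cycle count is portable: the hit/miss boundary has to be measured on the machine being attacked, which is also why coarsening timers (as browsers did after Spectre) raises the cost of this class of attack without removing the underlying hardware behaviour.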
LMAO! My boss is already going gray(er) over Spectre/Meltdown. Now this?
I wonder if the FBI knew about this and didn’t tell anyone... /sarc
pinging dayglored, ThunderSleeps, and ShadowAce for their ping list attention.
If you want on or off the Mac Ping List, Freepmail me.
No troll intended here, Sword, but do you know why they would have used a Mac to test the POC? Says in the article the exploit was tested on a Mac. Just curious if Apple’s platform is “better” for this test vs. Windows or Linux.
I’m still amazed this went on for so long without anybody noticing.
I’ve worked with embedded systems doing high performance coding and we always just assumed that once the cache path was invalidated that it was inaccessible.
Processor development has always been a “black box.” I would bet good money that as quantum computing becomes more accessible, these types of hardware exploits will become more common and easily exploitable on aging platforms.
Yeah - but as a low level developer we’re well aware of that fact that you don’t leave encrypted items in memory “lying” around because it’ll get exploited in your app.
It’s just unfathomable (though probably not that surprising) that the processor manufacturers never implemented that in their designs.
“But... they’re encrypted.”
/sarcasm
If your automobile manufacturer is discovered to have included (even by accident) a flaw that allows thieves to take your car at will, or to hijack your car remotely and put you and the general public at risk - who would be held accountable for that flaw? The manufacturer - no matter the cost.
If your bank runs software that has a security gap that allows thieves to take money from them at-will - who is accountable for that flaw? Your bank and their tech suppliers.
So - with millions and millions of computers across platforms likely targeted because of a FLAW (think design flaw when it comes to some states and their product liability law) who should be held accountable for fixing and repairing what they left (accidentally or otherwise) open because of a design flaw?
Lots of possibilities - but while I’m not Swordmaker - I would suspect that this is because there are so few other exploits on the Mac platform that they are less likely to get “contaminated” test results?
That’s fair. But Linux too?
Knew about it? My guess is these were Fed-mandated CPU backdoors, which are now out there only because the secrecy of their existence has been compromised (for example, see https://i.redd.it/gtsboykb98b01.png).
While I love me a good conspiracy, I find it hard to believe that every OS developer was caught unaware of this. If they weren’t, they’re complicit. If they were, they were incompetent.
I’ll take Complicit for $200, Alex.
That is complete BS.
The reason is the developer preferred Macs.
The important point, as it has always been, is that the attacker has to run arbitrary code on your CPU to even start the attack. The only case on a PC where somewhat arbitrary code is run (other than user error) is JavaScript in a web browser, and it is quite easy to protect browsers against that. On Mac there are protections built into firmware that would preclude OS-level attacks (e.g. would preclude persistence).
The other case is where people are running arbitrary code on virtual machines that they are renting in the cloud. Those are obviously more concerning to cloud vendors and cloud users, but only to those people.
Thanks to Swordmaker for the ping!
How long before some kid’s pacemaker is hacked, the kid dies, and the father tracks down and takes out the hacker?