Rebels At War
http://rebelsatwar.net/

Meltdown and Spectre Side-Channel Vulnerability Guidance
http://rebelsatwar.net/viewtopic.php?f=1&t=13457
Page 1 of 1

Author:  Nightmare [ Fri Jan 05, 2018 1:00 pm ]
Post subject:  Meltdown and Spectre Side-Channel Vulnerability Guidance

This came up on TeamSpeak the other day, I thought I would share current information which includes a number of additional links.

https://www.us-cert.gov/ncas/alerts/TA18-004A

Author:  Lactobeezor [ Fri Jan 05, 2018 2:30 pm ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

I'm not the smartest can in the box but how can patching an exploit slow down the host's machine?

Lacto

Author:  Nightmare [ Fri Jan 05, 2018 3:04 pm ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

Well there are multiple levels of fixes, not all will slow down the machine. I would start with testing to see if your machine is vulnerable first. Here are a couple of tools for doing your own assessment.

Intel and Linux have developed tools to detect and mitigate the Meltdown and Spectre vulnerabilities in Windows and Linux. See INTEL-SA-00075 Detection and Mitigation Tool (Windows) and INTEL-SA-00075 Linux Detection and Mitigation Tools (Linux) for further information.

As for your question in basic terms it would limit a special CPU memory process designed to speed up most CPU's. Here is a clip from another article.

Again, the CPU exploits in play here are extremely technical, but in a nutshell, the exploit allows access to your operating system’s sacrosanct kernel memory because of how the processors handle “speculative execution,” which modern chips perform to increase performance. An attacker can exploit these CPU vulnerabilities to expose extremely sensitive data in the protected kernel memory, including passwords, cryptographic keys, personal photos, emails, or any other data on your PC.
Meltdown is the more serious exploit, and the one that operating systems are rushing to fix. It “breaks the most fundamental isolation between user applications and the operating system,” according to Google. This flaw most strongly affects Intel processors because of the aggressive way they handle speculative execution, though a few ARM cores are also susceptible.

Author:  5niper [ Fri Jan 05, 2018 6:43 pm ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

If you want to be 200% protected from these, and any future vulnerabilities online...

The best solution for most would be to use this as your address book:

Image

this as your word processor:

Image

for your spreadsheets:

Image

this as your internet search engine:

Image

oh...don't forget your emails...

Image

:lolsign:

Author:  RAW Leo [ Sat Jan 06, 2018 12:53 am ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

:lolsign: :lolsign: :lolsign: :lolsign:

Author:  Lactobeezor [ Sat Jan 06, 2018 2:19 pm ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

Thx Nightmare. Good Article on speculative execution.

Lacto

Author:  [RAW] Storm [ Sun Jan 07, 2018 5:09 am ]
Post subject:  Re: Meltdown and Spectre Side-Channel Vulnerability Guidance

:lolsign: :lolsign:

Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/