sleed Posted January 3, 2018 Report Posted January 3, 2018 (edited) https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ Kernel page-table isolation (KPTI, previously called KAISER) is a hardening technique in the Linux kernel to improve security by better isolating user space and kernel space memory. KPTI was merged into Linux kernel version 4.15, to be released in early 2018, and backported into Linux Kernel 4.14.10. Windows implemented an identical feature in version 17035 (RS4). Prior to KPTI, whenever executing user space code (applications), Linux would also keep its entire kernel memory mapped in page table. https://www.youtube.com/watch?time_continue=1792&v=ewe3-mUku94 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5925 https://www.reddit.com/r/Amd/comments/7nqwoe/apparently_amds_request_to_be_excluded_from_the/ The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Edited January 3, 2018 by sleed 4 Quote
Gushterul Posted January 10, 2018 Report Posted January 10, 2018 Sa vezi acum ditamai botnetul... Porcarie de lab la Google sa faci disclosure la asa ceva. Quote
TheTime Posted January 11, 2018 Report Posted January 11, 2018 20 hours ago, Gushterul said: Sa vezi acum ditamai botnetul... Porcarie de lab la Google sa faci disclosure la asa ceva. Fara awareness, vulnerabilitatile de genu' acesta nu vor fi niciodata rezolvate. Si e mai bine sa stie toata lumea de ele, inclusiv cei vulnerabili, decat sa stie de vulnerabilitate doar grupuri restranse de oameni. Grupurile astea (nu dau nume, dar ma refer si la prescurtari din 3-4 litere) ar folosi vulerabilitatile pentru propriul interes, iar restul ar avea un fals sentiment de siguranta... 4 Quote
Gushterul Posted January 14, 2018 Report Posted January 14, 2018 "Grupurile" alea oricum au exploiturile lor. Daca nu au iti fac taping. Daca nu vin cu forta peste tine;) Sa upgrade/patch/schimbi zeci de milioane de servere... idiotic! Quote
robertutzu Posted January 15, 2018 Report Posted January 15, 2018 (edited) problema e mai grava decat pare la suprafata, patchurile ca sa functioneze reduc viteza de procesare cu 17-23% gandeste ce inseamna pentru amazon unde sunt zeci de mii de procesoare - pierdere de mii de procesoare, la 10000 de procesoare prin patch ai pierde cum ar veni in medie 2000 de procesoare ca si putere de procesare. si totul din lacomie, se stia de problema de cand erau facute procesoarele doar ca era o intelegere tacita ca sa fie mai rapide https://www.theverge.com/2018/1/4/16850516/intel-meltdown-spectre-bug-patch-cpu-security-flaw-news https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ Edited January 19, 2018 by robertutzu xxx 1 Quote
Sithalkes Posted January 15, 2018 Report Posted January 15, 2018 (edited) Oricum, sunt dificil de exploatat astea, nu orice copil de flood le poate exploata. Mie personal imi convine, deoarece sigur vor scadea preturile la procesoarele afectate. Aia care sunteti pe windows, si vreti sa va documentati, aruncati un oki aici Edited January 15, 2018 by Sithalkes Quote
DuTy^ Posted January 15, 2018 Report Posted January 15, 2018 1 hour ago, Sithalkes said: Oricum, sunt dificil de exploatat astea, nu orice copil de flood le poate exploata. Mie personal imi convine, deoarece sigur vor scadea preturile la procesoarele afectate. Aia care sunteti pe windows, si vreti sa va documentati, aruncati un oki aici https://github.com/crozone/SpectrePoC Orice bajet de jmekereala cu instructiuni de pe stackoverflow iti scoate malware cu spectre.... 1 Quote
u0m3 Posted January 18, 2018 Report Posted January 18, 2018 (edited) Ca sa nu mai deschid alt topic: Spectre is not a Bug, it is a Feature. Life... Lemons... Edited January 18, 2018 by u0m3 1 Quote
