sleed Posted January 3, 2018 Report Share Posted January 3, 2018 (edited) https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ Kernel page-table isolation (KPTI, previously called KAISER) is a hardening technique in the Linux kernel to improve security by better isolating user space and kernel space memory. KPTI was merged into Linux kernel version 4.15, to be released in early 2018, and backported into Linux Kernel 4.14.10. Windows implemented an identical feature in version 17035 (RS4). Prior to KPTI, whenever executing user space code (applications), Linux would also keep its entire kernel memory mapped in page table. https://www.youtube.com/watch?time_continue=1792&v=ewe3-mUku94 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5925 https://www.reddit.com/r/Amd/comments/7nqwoe/apparently_amds_request_to_be_excluded_from_the/ The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Edited January 3, 2018 by sleed 4 Quote Link to comment Share on other sites More sharing options...
aelius Posted January 10, 2018 Report Share Posted January 10, 2018 2 5 Quote Link to comment Share on other sites More sharing options...
Gushterul Posted January 10, 2018 Report Share Posted January 10, 2018 Sa vezi acum ditamai botnetul... Porcarie de lab la Google sa faci disclosure la asa ceva. Quote Link to comment Share on other sites More sharing options...
TheTime Posted January 11, 2018 Report Share Posted January 11, 2018 20 hours ago, Gushterul said: Sa vezi acum ditamai botnetul... Porcarie de lab la Google sa faci disclosure la asa ceva. Fara awareness, vulnerabilitatile de genu' acesta nu vor fi niciodata rezolvate. Si e mai bine sa stie toata lumea de ele, inclusiv cei vulnerabili, decat sa stie de vulnerabilitate doar grupuri restranse de oameni. Grupurile astea (nu dau nume, dar ma refer si la prescurtari din 3-4 litere) ar folosi vulerabilitatile pentru propriul interes, iar restul ar avea un fals sentiment de siguranta... 4 Quote Link to comment Share on other sites More sharing options...
Gushterul Posted January 14, 2018 Report Share Posted January 14, 2018 "Grupurile" alea oricum au exploiturile lor. Daca nu au iti fac taping. Daca nu vin cu forta peste tine;) Sa upgrade/patch/schimbi zeci de milioane de servere... idiotic! Quote Link to comment Share on other sites More sharing options...
robertutzu Posted January 15, 2018 Report Share Posted January 15, 2018 (edited) problema e mai grava decat pare la suprafata, patchurile ca sa functioneze reduc viteza de procesare cu 17-23% gandeste ce inseamna pentru amazon unde sunt zeci de mii de procesoare - pierdere de mii de procesoare, la 10000 de procesoare prin patch ai pierde cum ar veni in medie 2000 de procesoare ca si putere de procesare. si totul din lacomie, se stia de problema de cand erau facute procesoarele doar ca era o intelegere tacita ca sa fie mai rapide https://www.theverge.com/2018/1/4/16850516/intel-meltdown-spectre-bug-patch-cpu-security-flaw-news https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ Edited January 19, 2018 by robertutzu xxx 1 Quote Link to comment Share on other sites More sharing options...
Sithalkes Posted January 15, 2018 Report Share Posted January 15, 2018 (edited) Oricum, sunt dificil de exploatat astea, nu orice copil de flood le poate exploata. Mie personal imi convine, deoarece sigur vor scadea preturile la procesoarele afectate. Aia care sunteti pe windows, si vreti sa va documentati, aruncati un oki aici Edited January 15, 2018 by Sithalkes Quote Link to comment Share on other sites More sharing options...
DuTy^ Posted January 15, 2018 Report Share Posted January 15, 2018 1 hour ago, Sithalkes said: Oricum, sunt dificil de exploatat astea, nu orice copil de flood le poate exploata. Mie personal imi convine, deoarece sigur vor scadea preturile la procesoarele afectate. Aia care sunteti pe windows, si vreti sa va documentati, aruncati un oki aici https://github.com/crozone/SpectrePoC Orice bajet de jmekereala cu instructiuni de pe stackoverflow iti scoate malware cu spectre.... 1 Quote Link to comment Share on other sites More sharing options...
u0m3 Posted January 18, 2018 Report Share Posted January 18, 2018 (edited) Ca sa nu mai deschid alt topic: Spectre is not a Bug, it is a Feature. Life... Lemons... Edited January 18, 2018 by u0m3 1 Quote Link to comment Share on other sites More sharing options...