Farmdizzle
May 26, 2009

Hagel satan
Grimey Drawer

ate all the Oreos posted:

isn't that the one we've been talking about for like the last page or two? i can't tell because everyone seems to be addressing it in the abstract since it's embargoed so there's no real details

it is. i recognized the author using the phrase "I adore a little intrigue"


anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

ate all the Oreos posted:

isn't that the one we've been talking about for like the last page or two? i can't tell because everyone seems to be addressing it in the abstract since it's embargoed so there's no real details
yes but that link they shared is a tumblr reblog of the original link, with no additional information

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

ate all the Oreos posted:

isn't that the one we've been talking about for like the last page or two? i can't tell because everyone seems to be addressing it in the abstract since it's embargoed so there's no real details

It is, my mistake, this seems to be the original source at least.

Cybernetic Vermin
Apr 18, 2005

it is a pretty fun problem since it is reasonably easy to understand, but it is a bit of a marvel that someone thought of it

i have to wonder if we wont see a microcode patch at some point, thinking that intel should be able to hook into the point of the page fault and determine that it is specifically a supervisor page, and just flush caches in that reasonably rare event

e: then again, that may be too late if you carefully synchronize two threads for the purpose

pseudorandom name
May 6, 2007

presumably Intel would've done that if it were possible, because the alternative solution that they're developing now is so much worse

also, https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

univbee
Jun 3, 2004




Anyone remember which conference and year it was where someone here noted the conference was displaying pictures in tweets with a certain conference hashtag on the projector unfiltered, resulting in someone else goatse'ing the display? Was it at an RSA conference?

Cybernetic Vermin
Apr 18, 2005

pseudorandom name posted:

presumably Intel would've done that if it were possible, because the alternative solution that they're developing now is so much worse

also, https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

i'm not sure that the heavy-weight software solution is a sure sign there wont be a lighter microcode one in the future though, it sounds serious enough that they may be going for the sure thing (unmapping will after all certainly fix the issue) to take a bit more time validating a better one. but we'll see, rather unfortunate for everyone but amd (+6.57%) by the sounds of things, i can't trade in us stocks atm so not in a position to make use of the theory that it will be a permanent drag on current intel cpus ;q

Midjack
Dec 24, 2007



pseudorandom name posted:

presumably Intel would've done that if it were possible, because the alternative solution that they're developing now is so much worse

also, https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

ahahahhaah

if they can do insider trading like this, that fund that was shorting companies with 0days should be ok too.

pseudorandom name
May 6, 2007

its not insider trading if you do the trades after your employees have posted the patch to the public mailing list

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

univbee posted:

Anyone remember which conference and year it was where someone here noted the conference was displaying pictures in tweets with a certain conference hashtag on the projector unfiltered, resulting in someone else goatse'ing the display? Was it at an RSA conference?
that was our good friend rufo but i don't remember what year it was

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

pseudorandom name posted:

its not insider trading if you do the trades after your employees have posted the patch to the public mailing list

I thought that material information had to be published where a preponderance of average investors would see it. otherwise you could stick it on some random web page and then trade before anyone saw it

I would be very surprised if publishing a patch constituted sufficient disclosure — do you think it’s consistent with the SEC on this?

Workaday Wizard
Oct 23, 2009

by Pragmatica
no one from equifax got hurt for selling stocks during a loving breach that they knew about and were investigating. why do you think they will touch intel's ceo?

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

are you asking me? I don’t think there will be practical consequences. I just don’t think posting a patch is what closes it off. I’ve had material non-public information at public companies, and our guidance always had much higher bars to clear than “someone posted related code to someone else’s web site”.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem
The difference is probably whether or not you're high-level enough that the company would back you up instead of throwing you under the bus.

Shame Boy
Mar 2, 2010

yeah rules are for the little people

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano

anthonypants posted:

that was our good friend rufo but i don't remember what year it was

2014

https://twitter.com/hilare_belloc/status/438839253577908225

It was ChickenOfTomorrow who did all the legwork, i just sent the tweet

Bulgogi Hoagie
Jun 1, 2012

We

Rufus Ping posted:

2014

https://twitter.com/hilare_belloc/status/438839253577908225

It was ChickenOfTomorrow who did all the legwork, i just sent the tweet

https://twitter.com/jamesliamcook/status/948111845382152192

30 TO 50 FERAL HOG
Mar 2, 2005



Subjunctive posted:

I thought that material information had to be published where a preponderance of average investors would see it. otherwise you could stick it on some random web page and then trade before anyone saw it

I would be very surprised if publishing a patch constituted sufficient disclosure — do you think it’s consistent with the SEC on this?

yeah im sure the chronically underfunded sec running under the largest grifter to ever live will get right on that

univbee
Jun 3, 2004




Rufus Ping posted:

2014

It was ChickenOfTomorrow who did all the legwork, i just sent the tweet

Thanks!

Shame Boy
Mar 2, 2010

that'll teach me to leave embedded tweets on at work

Powerful Two-Hander
Mar 10, 2004

Mods please change my name to "Tooter Skeleton" TIA.



lmao and he calls himself a technology correspondent. a shameful journalist.

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
remember when james liam cook was milo wagner's yiannopoulos's lackey at failed tech blog The Kernel before dodging the world's largest bullet and reinventing himself as a proper journo

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
eyes emoji

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

ate all the Oreos posted:

yeah rules are for the little people

the SEC form 4 says that the transaction was under a 10b5-1 pre-determined trading plan that was already filed. IIRC they have to be filed 6 months before they take effect, so going from the form 4 he specified the sale back in April. (likely to coincide with his option package vesting.)

all CxO/VPs I know trade under a 10b5-1 plan because they always have MNP information and otherwise couldn’t trade at all

Fabricated
Apr 9, 2007

Living the Dream
If it really turns out AMD processors aren't affected by the bug I might laugh until I die

pseudorandom name
May 6, 2007

Fabricated posted:

If it really turns out AMD processors aren't affected by the bug I might laugh until I die

That quote I posted earlier was from an AMD developer in the commit message for a patch that disables PTI on AMD CPUs because they're not affected.

here's the whole thing since nobody read the link the first time:
code:
From: Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors

AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against.  The AMD microarchitecture
does not allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode
when that access would result in a page fault.

Disable page table isolation by default on AMD processors by not setting
the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI
is set.

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 arch/x86/kernel/cpu/common.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index c47de4e..7d9e3b0 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -923,8 +923,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
 
 	setup_force_cpu_cap(X86_FEATURE_ALWAYS);
 
-	/* Assume for now that ALL x86 CPUs are insecure */
-	setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
+	if (c->x86_vendor != X86_VENDOR_AMD)
+		setup_force_cpu_bug(X86_BUG_CPU_INSECURE);
 
 	fpu__init_system(c);
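
Review bot: the new check if (c->x86_vendor != X86_VENDOR_AMD) removes the old comment and puts nothing in its place, so the source no longer says why one vendor is exempt from X86_BUG_CPU_INSECURE. Add a short comment above the check carrying the commit message's reasoning (no memory references, including speculative ones, to higher privileged data when the access would page fault), so the exemption can be audited without digging up the mail. The hunk also shows no vendor detection ahead of the check, so the description should confirm that c->x86_vendor is already populated at this point in early_identify_cpu(); if it is not, AMD parts would still get the bug flag, which fails safe but is not what the patch intends.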

pseudorandom name fucked around with this message at 01:47 on Jan 3, 2018

ate shit on live tv
Feb 15, 2004

by Azathoth

Subjunctive posted:

the SEC form 4 says that the transaction was under a 10b5-1 pre-determined trading plan that was already filed. IIRC they have to be filed 6 months before they take effect, so going from the form 4 he specified the sale back in April. (likely to coincide with his option package vesting.)

all CxO/VPs I know trade under a 10b5-1 plan because they always have MNP information and otherwise couldn’t trade at all

Yea. I don't think this was necessarily insider trading. But in a non-poo poo world, it would certainly be something the SEC should investigate a bit. Since we are in a poo poo world where rules are only followed because it isn't inconvenient for the people the rules are meant for, I'm sure they will sign off on it without a second look.

You Am I
May 20, 2001

Me @ your poasting

I'm looking at moving my IT career towards an IT Security role. Not sure where in IT Security to start from or with, any recommendations? Is it worth becoming an auditor or is there some other part of IT Security that's worth looking into?

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

ate poo poo on live tv posted:

But in a non-poo poo world, it would certainly be something the SEC should investigate a bit.

in April he told the SEC “I’m going to make this trade later this year”, and then it was on autopilot. he doesn’t get to change his mind. the optics are bad to people who think the CEO just logged into E-Trade to dump a few million in shares after getting an unpleasant email, but it’s super easy for the SEC to see whether the trade followed the 10b5-1 they have on file. I’m sure they did check when the form 4 came in, really, so I guess they did investigate a bit

I may be missing another angle though: what do you think they should do?

Cocoa Crispies
Jul 20, 2001

Vehicular Manslaughter!

Pillbug

ate poo poo on live tv posted:

Yea. I don't think this was necessarily insider trading. But in a non-poo poo world, it would certainly be something the SEC should investigate a bit. Since we are in a poo poo world where rules are only followed because it isn't inconvenient for the people the rules are meant for, I'm sure they will sign off on it without a second look.

it’s public data filed through the SEC, the presumption is that anyone (with time and inclination) can investigate, and as such it’s in companies' best interest to play fair: https://www.sec.gov/edgar/searchedgar/accessing-edgar-data.htm

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

the 10b5-1 filings themselves aren’t public, perhaps obviously. all the other pieces are there though, you’re right

Cocoa Crispies
Jul 20, 2001

Vehicular Manslaughter!

Pillbug

Subjunctive posted:

the 10b5-1 filings themselves aren’t public, perhaps obviously. all the other pieces are there though, you’re right

*bonghit* this is the perfect application for blockchain: make the hash of the filing public

Last Chance
Dec 31, 2004

is there a yospos thread about the major intel fuckup ?

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Last Chance posted:

is there a yospos thread about the major intel fuckup ?

:justpost:

Last Chance
Dec 31, 2004

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

idk much about security but someone sent me this

MrMoo
Sep 14, 2000

Somehow one ended up on GBS

Shame Boy
Mar 2, 2010


would you like to know something about it or did you just want to talk about it with yr yosbros

aardvaard
Mar 4, 2013

you belong in the bog of eternal stench

i'm hearing a lot of desktop users yelling about the 30% DROP IN SPEED for their VIDEO-GAMES

to me this looks like an issue that really doesn't affect desktop users, right? only situations where someone should be allowed to execute code but not read certain portions of memory (like virtualization)?

Number19
May 14, 2003

HOCKEY OWNS
FUCK YEAH


Last Chance posted:

is there a yospos thread about the major intel fuckup ?

there is now i guess:

https://forums.somethingawful.com/showthread.php?threadid=3845387


hobbesmaster
Jan 28, 2008

CommunistPancake posted:

i'm hearing a lot of desktop users yelling about the 30% DROP IN SPEED for their VIDEO-GAMES

to me this looks like an issue that really doesn't affect desktop users, right? only situations where someone should be allowed to execute code but not read certain portions of memory (like virtualization)?

it’s entirely possible given the dark magic that nvidia/AMD have in their drivers
