|
Wtf is that supposed to mean? I'd be better off with Win10 on it? Chortle.
|
# ? Jan 3, 2018 17:17 |
|
apropos man posted: Would it be possible to have two versions of the kernel: one for Vee-Emming and one for plain desktop/laptop use? I don't wanna lose up to 30% performance.

This affects non VMs as well, theoretically a Javascript payload could install a rootkit. That's how hosed this is. The problem is that this is a ring-crossing bug, that's what makes it deadly. Rings for reference.

deimos fucked around with this message at 17:47 on Jan 3, 2018
# ? Jan 3, 2018 17:45 |
|
deimos posted: This affects non VMs as well, theoretically a Javascript payload could install a rootkit. That's how hosed this is.

rowhammer was publicised in 2014, you should have been in a panic since then if this affects you
|
# ? Jan 3, 2018 17:48 |
|
apropos man posted: Would it be possible to have two versions of the kernel: one for Vee-Emming and one for plain desktop/laptop use? I don't wanna lose up to 30% performance.

This is a bad idea. It looks like VM escapes (or guest-to-host/cross-guest reads, or whatever) are one possibility for this attack. They're getting a lot of attention because so many public-facing services are isolated with VMs. But that doesn't mean they're the only bad thing that can happen. Unless your single-tenant no-VM desktop is air gapped, physically secured so only you can use it, and runs only carefully audited software, you need to be able to isolate unprivileged code from kernel space.

apropos man posted: Wtf is that supposed to mean? I'd be better off with Win10 on it? Chortle.

Clearly your choice of OS is superior to the washed masses. Chortle.
|
# ? Jan 3, 2018 17:51 |
In the good tradition of PoC||STFU, here's some PoC: "no page faults required, massaging everything in/out-of the right cache seems to be the crux".
|
|
# ? Jan 3, 2018 17:54 |
|
Wiggly Wayne DDS posted: rowhammer was publicised in 2014, you should have been in a panic since then if this affects you

Honestly, I'm basically perpetually in a panic in this industry
|
# ? Jan 3, 2018 18:23 |
|
Intel releases next generation without bug: Now with 30% more performance!
|
# ? Jan 3, 2018 18:58 |
|
CLAM DOWN posted:Thread title
|
# ? Jan 3, 2018 19:03 |
They usually say that detailed commit messages are a good thing, but maybe not in this case.
|
|
# ? Jan 3, 2018 20:03 |
|
I don’t think there’s incremental damage to be done, given the guy tweeting about a PoC.
|
# ? Jan 3, 2018 20:05 |
Subjunctive posted: I don’t think there’s incremental damage to be done, given the guy tweeting about a PoC.
|
|
# ? Jan 3, 2018 20:07 |
|
D. Ebdrup posted: A PoC without code disclosure is one thing, these are commits to the Linux kernel, so the code itself is public - I'd think that's a bit bigger of an issue?

I believe the embargo on the committed code isn't over yet. But yeah, the cat is out of the bag.
|
# ? Jan 3, 2018 20:08 |
|
deimos posted: This affects non VMs as well, theoretically a Javascript payload could install a rootkit. That's how hosed this is.

are you positive? the writing about this made it seem to me like the bug can only read kernel memory. and that to turn it into an attack you'd need to actually use that information -- either as a target for a second vulnerability, or just stealing the leaked data itself. which is why VMs are brought up all the time. but if I'm totally misunderstanding it and you can use it to write to arbitrary memory as well then count me in on the holy poo poo bandwagon.
|
# ? Jan 3, 2018 20:18 |
|
The exploit is read only. Doesn't make it any less of a 'holy poo poo' situation though.
|
# ? Jan 3, 2018 20:21 |
|
Reading kernel memory breaks kernel ASLR, so it's basically half a root exploit on its own.
|
# ? Jan 3, 2018 20:25 |
|
The Fool posted: Doesn't make it any less of a 'holy poo poo' situation though.

yeah alright, but holy poo poo in a holy poo poo OSes need to do extensive rewrites of memory management type way not a holy poo poo the world is ending way
|
# ? Jan 3, 2018 20:50 |
|
Let me introduce you to September 2017.
|
# ? Jan 3, 2018 20:55 |
|
Klyith posted: are you positive? the writing about this made it seem to me like the bug can only read kernel memory.

If you can read kernel memory, getting root access is probably only a matter of jumping through some hoops.
|
# ? Jan 3, 2018 21:11 |
|
If by hoops you mean find other bugs that allow you to exploit the kernel or more privileged processes to obtain root then sure.
|
# ? Jan 3, 2018 21:21 |
|
You can probably find a private key that'll let you have root eventually, when you can read literally anything in memory.
|
# ? Jan 3, 2018 21:36 |
|
Evis posted: If by hoops you mean find other bugs that allow you to exploit the kernel or more privileged processes to obtain root then sure.

I am kinda worried about Android on Arm64...
|
# ? Jan 3, 2018 21:38 |
|
Presumably this could be used to attack the VSM in Device Guard as well, since it would just exploit the kernel in the underlying hypervisor.
|
# ? Jan 3, 2018 21:39 |
|
The Fool posted: Let me introduce you to September 2017.

Sorry, we are now firmly into
|
# ? Jan 3, 2018 21:41 |
|
Cup Runneth Over posted: Sorry, we are now firmly into

Into 2014? Quick guys, I've got some dark poo poo to tell you about the upcoming Brexit referendum and US presidential election...
|
# ? Jan 3, 2018 21:50 |
|
Embargo is lifted.
|
# ? Jan 3, 2018 23:28 |
|
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
|
# ? Jan 3, 2018 23:34 |
|
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html as well, for less summarizing, more details.
|
# ? Jan 3, 2018 23:36 |
|
computers were a mistake
|
# ? Jan 3, 2018 23:41 |
|
Truga posted: computers were a mistake
|
# ? Jan 3, 2018 23:44 |
|
Truga posted: computers were a mistake
|
# ? Jan 3, 2018 23:48 |
|
Truga posted: computers were a mistake
|
# ? Jan 3, 2018 23:50 |
|
The Infosec Thread: computers were a mistake
|
# ? Jan 3, 2018 23:51 |
|
I liked FUCKWIT more than Meltdown.
|
# ? Jan 4, 2018 00:04 |
|
Jeoh posted: I liked FUCKWIT more than Meltdown.

That was a solution, not the problem.
|
# ? Jan 4, 2018 00:09 |
|
Diva Cupcake posted: Embargo is lifted.

Here is link: https://twitter.com/nicoleperlroth/status/948684376249962496
|
# ? Jan 4, 2018 00:36 |
|
The Infosec Thread: Nice Meltdown, Dude
|
# ? Jan 4, 2018 00:37 |
|
ufarn posted: The Infosec Thread: Nice Meltdown, Dude

lol
|
# ? Jan 4, 2018 00:38 |
|
ufarn posted: The Infosec Thread: Nice Meltdown, Dude

hell yes
|
# ? Jan 4, 2018 00:39 |
|
ufarn posted: The Infosec Thread: Nice Meltdown, Dude

Mods, please.
|
# ? Jan 4, 2018 00:39 |
|
ufarn posted: The Infosec Thread: Nice Meltdown, Dude

It is our destiny.
|
# ? Jan 4, 2018 00:41 |