Intel Cache Poisoning Is Dangerously Easy On Linux 393
Julie188 writes "A researcher recently released proof-of-concept code for an exploit that allows a hacker to overrun an Intel CPU cache and plant a rootkit. A second, independent researcher has examined the exploit and noted that it is so simple and so stealthy that it is likely out in the wild now, unbeknownst to its victims. The attack works best on a Linux system with an Intel DQ35 motherboard with 2GB of memory. It turns out that Linux allows the root user to access MTR registers incredibly easily. With Windows this exploit can be used, but requires much more work and skill and so while the Linux exploit code is readily available now, no Windows exploit code has, so far, been released or seen. This attack is hardware specific, but unfortunately, it is specific to Intel's popular DQ35 motherboards."
Linux (Score:5, Funny)
They make it sound like a bad thing that it's easier to use your hardware on Linux =)
Queue Microsoft Trolls in (Score:1, Funny)
Re:First you need root on the box (Score:5, Funny)
It's a whole new class of vulnerabilities. In addition to remote code execution and privilege escalation vulnerabilities, we now have privilege equalization vulnerabilities. Scary stuff.
Comment removed (Score:5, Funny)
Re:Queue Microsoft Trolls in (Score:5, Funny)
Actually hackers have much more experience with Win 32 systems than Linux. So while it is easier to program this exploit with Linux, we're still ok because we have security through obscurity.
Re:First you need root on the box (Score:5, Funny)
Your post indicates that you are suffering from the wooosh vulnerability.
Re:First you need root on the box (Score:3, Funny)
Re:At the risk of causing a war... (Score:4, Funny)
Re:First you need root on the box (Score:5, Funny)
Re:Queue Microsoft Trolls in (Score:5, Funny)
"With Windows this exploit can be used, but requires much more work and skill"
That eliminates the VBS crowd, or about 99.8% of Windows 'programmers'.
Yes, but does it... (Score:4, Funny)
..run on...
Oh, nevermind.
Re:Tides have changed (Score:2, Funny)
I prefer to think of Tiger Woods as a great Thai golfer.
If somebody has physical access to a Windows box, then they can reboot it off a Knoppix Live CD, and they have the same exact problem. If somebody has the Admin password, they can do anything they want too. This only really effects cases where hostile users are running in another Virtual Machine on the box. If you need security, don't share your hardware with other people!
Re:First you need root on the box (Score:2, Funny)
Re:Queue Microsoft Trolls in (Score:3, Funny)
I think you missed the pun. To "queue" a group means to have them form a line so they can each have their turn at something.
Re:First you need root on the box (Score:3, Funny)
If only there was a Wikipedia page that explained what a rootkit is and why malware would use one!
Comment removed (Score:3, Funny)
Re:Linux (Score:5, Funny)
Oh dont worry we know your password is hunter2.