Researchers Discover SplitSpectre, a New Spectre-like CPU Attack (zdnet.com)
An anonymous reader writes from a report via ZDNet: Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code. The vulnerability, which researchers codenamed SplitSpectre, is a variation of the original Spectre v1 vulnerability discovered last year and which became public in January 2018. The difference in SplitSpectre is not in what parts of a CPU's microarchitecture the flaw targets, but how the attack is carried out. Researchers say a SplitSpectre attack is both faster and easier to execute, improving an attacker's ability to recover code from targeted CPUs. The research team says they were successfully able to carry out a SplitSpectre attack against Intel Haswell and Skylake CPUs, and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine. The good news is that existing Spectre mitigations would thwart the SplitSpectre attacks.
Missing Information (Score:4, Interesting)
I realize that it's a bit of speculation but it seems like a reasonable conclusion.
I know it might surprise some people but not all recent processors are vulnerable. For example, according to Intel, in their i7 lineup only their 45nm and 32nm process chips are vulnerable.
Linux has microcode updates as well! (Score:3)
Linux has microcode updates as well!
Re:Missing Information (Score:5, Informative)
Intel has provided microcode updates for most CPU lines.
For odd definitions of "most". Out of the 221 processors Intel have microcode updates for, 49 have updates from 2018. The rest do not.
Re: (Score:2)
Intel has provided microcode updates for most CPU lines.
For odd definitions of "most". Out of the 221 processors Intel have microcode updates for, 49 have updates from 2018. The rest do not.
Really it depends on which chips sell the most. The top 20 of that 221 probably account for over half the sales.
Re:Missing Information (Score:5, Funny)
Are you speculating whether or not you're vulnerable to speculation attacks..?
jesus christ on a raft... (Score:2)
Re: (Score:1)
I'm going to start coding with a stick writing in the sand, it's much safer than what Silicon Valley does with it.
So you're leaving silicon valley to go to a silicon beach? I don't know which is scarier, a spectre or a hurricane.
Re:jesus christ on a raft... (Score:5, Funny)
time to dig out my old kim-1 and forth env.
Sorry, but security researchers have recently discovered that due to fundamental architectural issues, a hypothetical malicious program could trivially access *all* of the data on any 6502-based system.
They laughed (Score:4, Insightful)
Oh you, managed languages are safe.
Okay so they aren't, but sandboxes are safe.
Okay alright there are bugs, but virtual machines are safe.
So about those virtual machines...
Yeah fuck you, throw another layer on, what does it matter.
Maybe it's time to rethink - Linus (Score:2)
Maybe it's time to re-think not enabling the mitigations in Linux by default?
This is looking more exploitable in the wild all the time
Re: (Score:3, Insightful)
No, Linus is right. The performance impact of the patches is big.
If you have an up-to-date browser then you do not have a problem. The resolution of timers available from scripts is lowered to make this attack infeasible.
If you are running an executable from the web then you have a much bigger worry than Spectre. The executable can damage you directly instead of trying to rely on a "cooperation" of another process.
These bugs are mostly a serious worry for companies renting virtual machines where executables run in the im
Re: (Score:2)
Why is this marked insightful? This has nothing to do with "browsers" or the "web".
It has a LOT to do with browsers and the web. It has a lot to do with anything which runs code downloaded from somewhere on the internet. Browsers with their JavaScript engines are the first and the easiest target. That is because the browsers run any JavaScript from any hacked or malicious web site. Some email clients can interpret JavaScript too. Disable JavaScript in the email client (if it executes it at all - most probably do not do it nowadays). Disable JavaScript in the browser or update the browser. It is reco
Vulnerability Fatigue (Score:1)
The bigger and unspoken problem with these vulnerabilities and breaches that we've been seeing lately is that they all create significant penalties for the consumers along with a sense of being unable to do anything about them. People feel that the problems that can be fixed do so at the cost of time, and effort to patch, along with a near 50% reduction in power. Basically rendering their expensive computers impotent and useless paper weights. They also suffer a sense of hopelessness as there is little or n
New way to skin a DEAD cat! (Score:2)
Seriously - so they found another way to abuse spectre that still doesn't work with existing mitigation - what is exactly the important news here?