[Info-vax] Intel x86-64 Processor Design Security Vulnerability?
Jan-Erik Soderholm
jan-erik.soderholm at telia.com
Thu Jan 4 11:00:47 EST 2018
On 2018-01-04 at 15:25, DaveFroble wrote:
> Camiel Vanderhoeven wrote:
>> On Thursday 4 January 2018 11:26:28 UTC+1, Johann 'Myrkraverk'
>> Oskarsson wrote:
>>> already5chosen at yahoo.com wrote:
>>>
>>>> There are two new methods of attack - Spectre and Meltdown.
>>>> Separate page tables only help against Meltdown.
>>> For people who are coming late to the party and aren't fully in on the
>>> difference between the two, this is Meltdown:
>>>
>>> https://twitter.com/misc0110/status/948706387491786752
>>>
>>> Spectre is harder to exploit, but also harder if not impossible
>>> to completely patch in software.
>>
>> Correct. Meltdown is easier to exploit, and enables data leaks across the
>> user mode - kernel mode barrier. This can be patched in the OS. Spectre
>> is much harder to exploit, and leaks data across the barrier between
>> different processes' user mode (and possibly even from kernel mode, but
>> that hasn't been proven). Absent a hardware fix, Spectre would require
>> changes to pretty much any and all code - both OS and application - to
>> mitigate. Just patching the codepaths that deal with sensitive
>> information would not be enough; all code in the process-to-be-protected's
>> working set would need to be patched.
>
> This is all very interesting, and I don't have a clue about how to actually
> perform such exploits, nor do I care to know. However, I think there is
> still one thing that is essential in performing any such exploits. One
> would first need access to the machine.
How do you define "access"?
You need some way to get your code to run on that machine. And there are
many ways to do that. And as I understand, the exploit doesn't need any
elevated privileges or similar. Just user level code.