[Info-vax] Intel x86-64 Processor Design Security Vulnerability?

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Thu Jan 4 11:33:58 EST 2018


On 2018-01-04 14:25:58 +0000, DaveFroble said:

> This is all very interesting, and I don't have a clue about how to 
> actually perform such exploits, nor do I care to know.  However, I 
> think there is still one thing that is essential in performing any such 
> exploits.  One would first need access to the machine.

Do you browse from any local systems on your network?   Better hope all 
the sites aren't themselves exploited.  Why?  Chrome, Firefox, Edge and 
IE browsers are all vulnerable to JavaScript containing an exploit 
related to this mess.  Then access is available to at least one system 
on your local network.  Once one system is breached on the local 
network, other systems using the exceptionally high-security protocols 
such as DECnet, telnet, FTP and cluster SCS are vulnerable (and then 
there's that OpenVMS RCE I've been sitting on for a couple of years), 
and games with local DNS and ARP redirects can allow interception 
(MITM) of both unencrypted cleartext connections and encrypted 
connections and if those cleartext encrypted connections aren't using 
TLSv1.2 and secure algorithms or aren't checking end-point certificates 
or aren't checking correctly...

Don't assume attackers are going to go directly at the target system.

Getting past the network firewall through a down-revision browser or a 
down-revision printer or some Apple ID social engineering or otherwise 
works well enough for the attacker's needs, after all.

Don't assume the attackers will access the systems and the networks in 
the same access and login sequences that developers and end-users use.

Don't assume that attackers don't end up knowing parts of your network 
traffic and network activities better than you do, too.




-- 
Pure Personal Opinion | HoffmanLabs LLC 



