[Info-vax] Intel x86-64 Processor Design Security Vulnerability?

DaveFroble davef at tsoft-inc.com
Thu Jan 4 15:20:20 EST 2018


Stephen Hoffman wrote:
> On 2018-01-04 14:25:58 +0000, DaveFroble said:
> 
>> This is all very interesting, and I don't have a clue about how to 
>> actually perform such exploits, nor do I care to know.  However, I 
>> think there is still one thing that is essential in performing any 
>> such exploits.  One would first need access to the machine.
> 
> Do you browse from any local systems on your network?

You are correct.  The network is the weak point, no matter what you do on 
individual systems that are connected to the network.  I haven't figured out much 
to do for this problem.

>   Better hope all 
> the sites aren't themselves exploited.  Why?  Chrome, Firefox, Edge and 
> IE browsers are all vulnerable to JavaScript containing an exploit 
> related to this mess.  Then access is available to at least one system 
> on your local network.  Once one system is breached on the local 
> network, other systems using the exceptionally high-security protocols 
> such as DECnet, telnet, FTP and cluster SCS are vulnerable (and then 
> there's that OpenVMS RCE I've been sitting on for a couple of years), 
> and games with local DNS and ARP redirects can allow interception (MITM) 
> of both unencrypted cleartext connections and encrypted connections and 
> if those cleartext encrypted connections aren't using TLSv1.2 and secure 
> algorithms or aren't checking end-point certificates or aren't checking 
> correctly...
> 
> Don't assume attackers are going to go directly at the target system.

I don't, but that makes their job harder.  Anything that makes the bad guys' job 
harder is a good thing.

> Getting past the network firewall through a down-revision browser or a 
> down-revision printer or some Apple ID social engineering or otherwise 
> works well enough for the attacker's needs, after all.
> 
> Don't assume the attackers will access the systems and the networks in 
> the same access and login sequences that developers and end-users use.
> 
> Don't assume that attackers don't end up knowing parts of your network 
> traffic and network activities better than you do, too.

Agreed.

-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486
