Mar. 2, 2019
We’re used to thinking of computer processors as orderly machines that proceed from one simple instruction to the next with complete regularity. But the truth is, that for decades now, they’ve been doing their tasks out of order and just guessing at what should come next. They’re very good at it, of course.
So good in fact, that this ability, called speculative execution, has underpinned much of the improvement in computing power during the last 25 years or so. But on 3 January 2018, the world learned that this trick, which had done so much for modern computing, was now one of its greatest vulnerabilities. Throughout 2017, researchers at Cyberus Technology, Google Project Zero, Graz University of Technology, Rambus, University of Adelaide, and University of Pennsylvania, as well as independent researchers such as cryptographer Paul Kocher, separately worked out attacks that took advantage of speculative execution.
May. 22, 2018
Both Google and Microsoft researchers discovered the bug independently. The bugs work similarly to the Meltdown and Spectre bugs, a reason why they were classified as ‘variant 3a’ and ‘variant 4’ instead of separate vulnerabilities altogether. Variant 3a is a variation of the Meltdown flaw, while Variant 4 is a new Spectre-like attack.
The most important of these two is Variant 4. Both bugs occur for the same reason —speculative execution— a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. The difference is that Variant 4 affects a different part of the speculative execution process —the data inside the ‘store buffer’ inside a CPU’s cache.
May. 15, 2018
The new bunch of Spectre-like flaws revealed last week won’t be patched for at least 12 days. German outlet Heise, which broke news of the eight Spectre-like vulnerabilities last week has now reported that Intel wants disclosure of the flaws delayed until at least May 21. Last week, Heise noted that one participant in the planned coordinated release would include a Google Project Zero disclosure, which as far as The Register can discern has not yet happened.
Apr. 4, 2018
Some Intel processors will not receive security patches for the Spectre (variant 2) side-channel analysis attack.
Source: thehackernews.com
Mar. 18, 2018
Both attacks rely on using high-speed timing measurements to detect sensitive information, so somewhat counterintuitively, the patches had to decrease the speed of seemingly mundane computations. The first change was to slow down the performance API for web browsers, which had previously been able to analyze the behavior of a page at speeds fast enough to be used in an attack; the second change removed SharedArrayBuffer, a new kind of data structure atop which similar timers could be trivially rebuilt. Similar changes were also soon also implemented by Microsoft for Internet Explorer and Edge browsers and also by WebKit, a tool for viewing the web that is used to build Safari, Mobile Safari, Android Browser, and the dedicated browsers embedded on many other devices.
Mar. 16, 2018
The problem that night for Singhal, who oversees the development of the architecture for all of Intel’s processors, was that something was wrong with the patches. Among all the millions and millions of computers in use around the world running Intel CPUs, one of the patches for Spectre was causing some computers to freeze up or spontaneously reboot. Though only affecting a tiny proportion of the market, the problems were widespread enough to spook PC makers and prompt a temporary recall of the updated software.
Mar. 14, 2018
When the Spectre and Meltdown vulnerabilities were revealed in millions of processors earlier this year, those deep-seated vulnerabilities rattled practically the entire computer industry. Now a group of Israeli researchers is outlining a new set of chip-focused vulnerabilities that, if confirmed, would represent another collection of flaws at the core of computer hardware, this time in a processor architecture designed by AMD. But the researchers now also face their own questions: about the hype they’re piling onto those revelations, the timing of their disclosure to AMD, and even their financial motivations for their work.
Mar. 13, 2018
The Meltdown and Spectre vulnerabilities in modern CPUs from Intel/AMD/ARM revealed surprising attack vectors in computing. Everything from low level Operating System Kernel components to JavaScript running in Billions of browsers could be exploited by using Spectre variants 1 and 2.
Source: react-etc.net
Mar. 10, 2018
A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a feature of modern Intel processors that allow an application to create so-called enclaves.
This enclave is a hardware-isolated section of the CPU’s processing memory where applications can run operations that deal with extremely sensitive details, such as encryption keys, passwords, user data, and more.
Mar. 2, 2018
In this demo, we will dump user data without reading it. If you translate the code into Javascript, you could dump IE browser data.
Source: github.com