Hertzbleed Attack: New CPU Vulnerability

https://www.hertzbleed.com

tl;dr I'm too r-slurred to understand this but you will probably be affected by this

Orange forum

52

What the frick did I just read and how does it affect me

Some esoteric bullshit that will never affect anyone.


:!marseybooba:

when faced with serious autism, your computer may leak secret information to an attacker because the content of secrets can influence cpu frequency. It may be possible to perform the attack via Javascript, but most likely it will never happen. Most likely, you will never be targeted with this unless you are a cloud provider or you enjoy finding and running extremely sophisticated malware. This attack seems difficult to mitigate and the only known protection for now is to fix a constant cpu frequency, which is bad for performance and power consumption.
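
The workaround mentioned in the comment above (fixing the CPU frequency) can be checked on a Linux host. This is an added example, not part of the thread: a heuristic that reads the standard cpufreq sysfs files, where the function name `freq_pinned_status` and the `SYSFS_ROOT` override are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report whether the CPU frequency range is pinned.
# Prints "pinned", "variable" or "unknown". This is a heuristic: it shows
# what the kernel is configured to allow, not what the hardware does
# under a power or thermal limit.

freq_pinned_status() {
    root="${1:-/sys}"            # hypothetical override for testing
    cpu="$root/devices/system/cpu"
    status="pinned"
    found=0

    # Each cpufreq policy exposes its allowed range in kHz. A gap between
    # min and max means the governor can still scale with the workload.
    for pol in "$cpu"/cpufreq/policy*; do
        [ -r "$pol/scaling_min_freq" ] && [ -r "$pol/scaling_max_freq" ] || continue
        found=1
        min=$(cat "$pol/scaling_min_freq")
        max=$(cat "$pol/scaling_max_freq")
        [ "$min" = "$max" ] || status="variable"
    done
    [ "$found" -eq 1 ] || { echo "unknown"; return 0; }

    # Boost raises the clock opportunistically. intel_pstate reports
    # no_turbo=1 when it is off; acpi-cpufreq reports boost=0 when it is off.
    if [ -r "$cpu/intel_pstate/no_turbo" ]; then
        [ "$(cat "$cpu/intel_pstate/no_turbo")" = "1" ] || status="variable"
    fi
    if [ -r "$cpu/cpufreq/boost" ]; then
        [ "$(cat "$cpu/cpufreq/boost")" = "0" ] || status="variable"
    fi
    echo "$status"
}

# Stand-alone use: check this host (or a tree named in SYSFS_ROOT).
freq_pinned_status "${SYSFS_ROOT:-/sys}"
```

A result of "variable" means frequency can still move with the workload, which is the condition the comment describes; "pinned" carries the performance and power cost it mentions.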

It may be possible to perform the attack via Javascript, but most likely it will never happen.

No, following MELTDOWN/SPECTRE browser people tried their hardest to disable millisecond-accurate time measurements, so no.

Cloud providers could be targeted in theory.

I have no idea who is right, but the user fpoling on orange site says:

When Spectre came it turned out that it was very straightforward to implement the relevant attacks in JS. A script can use workers with shared memory access to monitor execution and get a timer with less than 100ns resolution. As a result, the shared memory was disabled. Later, under the presumption that relevant issues were mitigated, the shared memory was re-enabled again.

So I wonder if the shared memory will be disabled again as it may allow monitoring frequency changes.

Huh, I didn't know it was ever re-enabled. I honestly doubt that, because SPECTRE was actually two very different things: one was a bunch of genuine bugs in Intel (and possibly AMD) process isolation, for example if you tried to read memory you didn't have the right to, the instruction would set the exception flag but still return an actual value instead of say 0, which you could then leak by reading from an address dependent on the value thus loading it into the cache, before the whole speculative execution branch was discarded.

And the other half was that you can't provide memory isolation in software. Like, if you don't have your javascript interpreter in a separate process then the javascript code can use this shit to read your memory, no ifs, buts, or bugs required.

So either that was mitigated by making sure that javascript interpreters live in their own processes with no sensitive information, or by preventing them from obtaining accurate enough timing data (including via indirect means, like having workers have data races), but either way a new side channel can't break it.

nerd

At least I don't cut off my entire country's internet by tossing in my sleep.

This is correct, stuff like setInterval gets r*ped in the process and basically all timing events

your intel/amd CPU is getting another nerf like what happened with heartbleed and spectre (those led to a 10-15% performance drop).

:gigachad: mitigations=off

It truly never began for security strags

Internet jews want to steal my hz

yes

:#marseyagreefast:
