If someone overclocks their CPU, and an attacker does some x87 operation in a tight loop for a few minutes, how confident are you branches won't be miscalculated? Usually no security consequences for this, so vendors didn't test. It worried me.
e.g. https://devblogs.microsoft.com/oldnewthing/20050412-47/?p=35923
This wasn't a popular opinion, people worried it would hurt adoption. It probably did, but my job is to worry about security.
How did any check to make sure the vendor string was "GenuineIntel" stop the security issues caused by Meltdown and Spectre?
It didn't, but it likely did prevent trivial shellcode execution on some systems. Does a mitigation have to stop all vulnerabilities to be useful? That would mean there has never been a useful mitigation.
If the mitigation has been shown to fail for several important vulnerabilities, it could be an idea to review whether other choices would have been just as effective but without the negative side effects that originated from hardcoded exclusion of vendors. It's a spoofable string anyway!
Can you give me an example of a successful mitigation? An attacker cannot spoof the string.
I'm wondering if he means it's "spoofable" in the sense that something like a VMM could modify what is passed back. E.g. trap on CPUID and change the value of the registers. There are ways to get drivers loaded without a cert, but that's all I thought of. Just interjecting.
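To make the CPUID point above concrete, here is an added C example (not code from NaCl or from anyone in this thread) that decodes the 12-byte vendor string exactly as leaf 0 returns it in EBX, EDX, ECX, and applies a "GenuineIntel" gate to those register values. The register triples in the test are constructed from the documented encoding; on a real x86 the values come from whatever answers the CPUID instruction, which is why a VMM that traps it decides what the check sees.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* CPUID leaf 0 spreads the vendor string over EBX, EDX, ECX (in that
 * order), four little-endian bytes per register, e.g. "Genu","ineI","ntel". */
static void cpuid_vendor_decode(uint32_t ebx, uint32_t edx, uint32_t ecx,
                                char out[13])
{
    uint32_t regs[3] = { ebx, edx, ecx };
    for (int i = 0; i < 3; i++)
        for (int j = 0; j < 4; j++)
            out[i * 4 + j] = (char)((regs[i] >> (8 * j)) & 0xff);
    out[12] = '\0';
}

/* NaCl-style gate: 1 only if the decoded string is exactly "GenuineIntel". */
static int vendor_is_genuine_intel(uint32_t ebx, uint32_t edx, uint32_t ecx)
{
    char vendor[13];
    cpuid_vendor_decode(ebx, edx, ecx, vendor);
    return strcmp(vendor, "GenuineIntel") == 0;
}

/* Query leaf 0 on the running CPU; returns 0 when not built for x86.
 * A hypervisor intercepting CPUID can hand back any registers it likes. */
static int cpuid_vendor_read(char out[13])
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(0, &eax, &ebx, &ecx, &edx))
        return 0;
    cpuid_vendor_decode(ebx, edx, ecx, out);
    return 1;
#else
    (void)out;
    return 0;
#endif
}

int main(void)
{
    char vendor[13];
    if (cpuid_vendor_read(vendor))
        printf("CPUID vendor: %s, GenuineIntel gate: %s\n", vendor,
               strcmp(vendor, "GenuineIntel") == 0 ? "pass" : "fail");
    else
        puts("not an x86 build; CPUID not queried");
    return 0;
}
```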
Sure, but that requires you to have already compromised the system. There's no point trying to interfere with NaCl if you're already a malicious hypervisor, you've already won.
Oh yeah, of course. I'm not arguing, just speculating with their original comment since he didn't answer.
You show that selecting on vendor string was a matter of convenience, not security, as any attack vector would involve building and distributing malicious CPUs/devices. If security truly were the issue, one mitigating measure would be to not run when hyperthreading is enabled.
rdwrt Retweeted Dan Luu:
wat https://twitter.com/danluu/status/1203452041470730242