What evaluation do you suggest? It's a useful primitive, but investing in developing it into a full attack when defenders are trying to mitigate it obviously reduces its value.
Replying to @taviso
I have the example of negatively sampling attempts with instrumentation as part of the patch. That won’t measure successful attempts but could approximate volume. I’ll be the first to say it’s not perfect and I don’t have a perfect suggestion
Replying to @dwizzzleMSFT
We don't measure severity by number of compromises anymore, and competent attackers aren't just blindly running autopwn. If for some reason you just want a guesstimate for how many kiddies there are, then that's much easier but doesn't seem useful.
Replying to @taviso
If you think measuring widespread attacks is not valuable I dunno what to tell you
Replying to @dwizzzleMSFT
I said "we don't measure severity by number of compromises", how do you get to "measuring widespread attacks is not valuable" from that?
Replying to @dwizzzleMSFT
I meant isn't useful in this context - how many kiddies there are doesn't have any relationship to how bad things would have been if we didn't invest the effort into cleaning up rowhammer, but the instrumentation only measures how many kiddies there are.
Replying to @taviso @dwizzzleMSFT
Give me a guesstimate of how much it would cost to turn speckhammer into a profitable professional Azure compromise - $1M? You need staff, dev, ops, etc., and it's risky. But once you patched it, seems really hard to recoup that. Instrumentation only measures opportunistic attempts.
Replying to @taviso
Agree measurement has tons of limitations and also agree with costs. So let's not measure anything?
Replying to @dwizzzleMSFT
I want the data as much as you do, I just don't see how to get it. Is the popemobile useless because nobody has tried to shoot it? No, that doesn't prove the threat was overblown, if it wasn't there, someone could have tried...right?
I think you're saying that because some random places aren't patched, we would have seen evidence of attacks there. My point is that isn't true, targeted attacks care about who the victim is, by definition.
Replying to @taviso
Nope, I'm not asserting this at all. I'm saying it's interesting we haven't, and I'm wondering the reasons why.
Replying to @dwizzzleMSFT @taviso
Meltdown itself is really only useful operationally when combined with KASLR infoleak — which if you have, Meltdown only removes the need to reuse for subsequent reads. Apart from the whole “reading kernel secrets” issue (which requires a lot of finicky grooming), it’s hype imo.