rslade
Influencer II

Foreshadowing the end of computing as we know it ...

Like I told you, it's all about having multi-core CPUs and race conditions.

 

First came Spectre and Meltdown.

 

Now we've got Foreshadow, which can grab protected information even under virtual machine and hypervisor situations.  (That is a good overview paper, but you can also get some random discussion from Twitter.)

 

But this stuff isn't new.  Apparently someone found a four byte jump from ring 3 (user space) to ring 0 (the root kernel) in old x86s.  (Don't know why they bothered, since almost everyone ran everything in root mode anyway, but ...)


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Beads
Advocate I

VMWare poked one of my admins this morning with just such a warning or, to be more succinct, a corporate CYA moment.

 

I've been following this vulnerability since last week and have seen the natural progression from theory to NMap to some exploit code, but nothing widespread yet. Or is this actually being exploited under our noses without notice?

Thus far it appears that you'd have to be near the hypervisor itself while reading a vulnerable machine through a tunnel while conversing with a free range unicorn under cover of darkness.

 

Thus far I am not seeing the opportunity to win this trifecta several times in a row or at least in this environment.

 

Could someone give me a reasonable scenario or example of exploitation, please?

 

B/Eads

rslade
Influencer II

> Beads (Contributor II) posted a new reply in Industry News on 08-20-2018 04:42

>     Since following this vulnerability since
> last week and see the natural progression from theory to NMap to some exploit
> code but nothing wide spread yet or is this actually being exploited under our
> noses without notice?

Nope, no exploit yet.

Yeah, I figure you're right: it'd be pretty specialized. However, it does indicate
how bad and complicated the race condition problems are, and that it needs to be
fixed.

I remember reviewing a book on optimization, with a great quote on the topic:
"Optimizations always bust things, because all optimizations are, in the long haul,
a form of cheating, and cheaters eventually get caught."
- Larry Wall

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting frowned upon?
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade