Posted on 01/04/2018 6:45:29 AM PST by Red Badger
What about puppies?
Can we have puppies?......................
Thanks to ShadowAce for the ping!!
Sorry to rain on your parade, but people who practice safe computing can still be compromised by malware, ransomware, etc. Ads that pop-in from even Google's ad rotations have been known to carry malicious content added after they've been vetted by Google. This is one of the known ways RansomWare has been pushed onto supposedly locked down computer networks.
Another way Meltdown could be exploited is to hide malicious code in a steganographic image that could be called by a process loaded in another "look ahead" loaded into another. Javascript was just one modality of attack presumed as a means of using this vulnerability. The real problem associated with Meltdown and the look-ahead processing is that it can be exploited by so many other means until a way is found to vet the looking ahead processing that now is independent of any such vetting. ANYTHING can be stuck in there. If it IS useful to what is needed, it's used. If not, it's discarded. That look-ahead has access to the bus. . . and any data on it.
All a bad actor has to do is figure out how to insert his code in there, and no, it does not have to be a .exe file, just machine code, and it WILL be processed.
PLUS.....if a malware, virus or bad code is ‘new’ and never seen before, the ANTI-virus programs won’t know it and won’t do anything, just like your body’s immune system..........
Hey, Jeremiah, that is an Intel Core Letter "I" 7, not ONE SEVEN . . spoken: "EYE SEVEN."
You are not alone in this. A lot of people in the Apple world erroneously talked about the Mac OS EX. . . when it was actually a Roman Numeral for TEN, Mac OS TEN, with a pun for the underlying UNIX operating system. . . now they are referring to the new iPhone EX. . . when it is actually the iPhone TEN, also a Roman Numeral with the pun being it's the tenth anniversary iPhone.
“...Aw, I’m running 10.10.5 Yosemite and have been reluctant to upgrade. Heard High Sierra can really slow down an older machine....”
I’m running 10.13.2 High Sierra on a mid-2010 iMac w/32gb of ram, and it hasn’t slowed this old beast down a bit. Of course, I’m not compiling mountains of raw computer code...just email, web browsing and real-time streaming market data.
But I think the fact that the current types of attacks have been talked about: https://pdfs.semanticscholar.org/e544/00824814fed2ef52bb84151b2fc04c863e99.pdf but not exploited from vectors like Javascript should be reason enough to not be too concerned.
Another way Meltdown could be exploited is to hide malicious code in a steganographic image that could be called by a process loaded in another "look ahead" loaded into another.
As I have been pointing out, in every comment I have made, that requires running malicious code. It doesn't matter if that malicious code triggers other malicious code stegged into an image. It requires malicious user-mode code to start with.
All a bad actor has to do is figure out how to insert his code in there, and no, it does not have to be a .exe file, just machine code; and it WILL be processed.
Sure machine code will be processed. But arbitrary machine code cannot be processed from Javascript unless there is a bug in the JS machine that allows that. There have been such bugs, but this CPU flaw does not make them more likely. Also protections built into JS machines after rowhammer (which never really worked) also preclude the use of this CPU flaw.
Bottom line: malicious code has to run. There are not so many means to do that. Javascript is not one, nor is Flash, nor Java. I would not be too concerned. But given my second PDF link above, I would not be complacent either. I would practice safe computing even more vigorously given the new situation with Intel.
That's why I don't use or recommend AV except for the built-in Windows Defender since I have no good reason to turn it off. My point is to practice safe computing to avoid running malicious code. You don't need AV to do that.
Why not? I thought Linux was more secure on internet? Do these exploits affect Linux more than Windows?
[[If you don’t run malicious executables then the intel flaw can’t be exploited.]]
If this is true, then linux users should be very well protected against the intel flaw because it can’t run windows based malicious executables, right?
That’s an old pic which just increases its worth. Funny as hell. Thx.
I was trying to distinguish those from javascript, java, python, flash, ruby, or other scripted or interpreted languages that cannot run arbitrary (and very rarely used) instructions. Those instructions are generally needed (but not 100% of the time) to run these types of side channel attacks. Also the timing of the instructions can be important and the scripted languages don't give a lot of control over timing.
No, it will not be sufficient. Anti-virus will also not be sufficient.
But at the same time, it’s hard to say yet exactly how easy this problem is to actually exploit against you - assuming you aren’t somehow tricked into downloading malicious software.
Thank you. I take care never to download any malicious software since I know my limits. Limits are basically typing and copy/pasting...
Mine’s about a yr newer than yours. Might try it. Just wish there was a way to revert if needed.
Thanks for clearing that up - do you think there would be many ELF executables written whereas Linux isn’t as popular an OS? I can patch my Windows system, but not sure if Linux will have a patch as well? Or is it just dependent on patching the Intel stuff and Linux will then be protected somewhat too?
Patching is a somewhat different issue. I don't know how things will be patched but I do know that it won't require patching every EXE and ELF. That's because non-malicious EXEs and ELFs are not a problem. I think the patching will be in the kernel, but I'm not sure how you stop the potentially malicious behavior. One possibility may be to not patch anything but to add another layer of behavior-based defense. That would be a relatively simple monitoring program (probably added to the kernel) that would monitor for particular bad behavior by user mode EXEs or ELFs. The reason why behavior-based defense may be possible is that side channel attacks exhibit very distinct repetitive behavior they must repeat millions of times to execute an attack.
Then the first job of an attacking program would be to try to kill the monitor. But that's an arms race that is familiar to antivirus people. Perhaps antivirus vendors will add the capability, or perhaps the OS vendors or open source Linux kernel people will have to do it. Ultimately the chip vendors will have to fix it.
The updates exist and are out there, but if your antivirus software vendor hasn’t updated their code if they didn’t already support not making these calls to your hardware incorrectly, then you won’t see the update appear in windows update (there has to be a specific registry key present).
Look upthread just a bit at my last post and you’ll see a link there. I believe that is a much better explanation of what is going on and how to manage/fix the issue.
“...Mine’s about a yr newer than yours. Might try it. Just wish there was a way to revert if needed....”
I run a backup with Carbon Copy Cloner before I do any update and save it to an external drive. IF, for any reason, I needed to revert back, I can restore to my previous backup. I’ve never actually had to do it...at least not so far, but I believe it would work if I needed to.
FWIW, my machine is a 27” iMac 2.93 GHz i7 w/32gb of ram and an updated 2TB hard drive. I’ve had no issues with High Sierra 10.13.2 on this older machine, but like I said, I’m not compiling mountains of hard core raw computer data either...just email, web browsing and real-time streaming of stock data. However, on any given weekday while monitoring the stock markets, I’ll have as many as 7 desktops open at any one given time. I have another external Asus 27” monitor in vertical mode tied on as well. To date, I’ve not had any stability issues with the OSX.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.