Free Republic

Spectre and Meltdown processor security flaws – explained
www.theguardian.com ^ | Thu 4 Jan ‘18 09.20 EST | Samuel Gibbs

Posted on 01/05/2018 6:33:00 AM PST by Red Badger

To: bitt; Abby4116; afraidfortherepublic; aft_lizard; AF_Blue; amigatec; AppyPappy; arnoldc1; ...
More on Meltdown and Spectre ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to bitt for the ping!!

21 posted on 01/05/2018 6:18:09 PM PST by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")
[ Post Reply | Private Reply | To 2 | View Replies]

To: Red Badger

I noticed this morning a Windows update for Intel is currently installing on my laptop. Makes me a little anxious.


22 posted on 01/06/2018 5:06:27 AM PST by hsmomx3
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

This update I mentioned above....took about 5 minutes and my screen went blank a few times and then it was back to normal. I don’t see the update listed on my system and it was not a MSFT update but rather an Intel Display update.


23 posted on 01/06/2018 5:12:56 AM PST by hsmomx3
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

We got a frantic call yesterday from an acquaintance who was concerned about this latest revelation about the devices we all use. He has been a serial philanderer for years. In the past he told us that he prefers to text his girlfriends because it is more “secure” than calling them on the phone.

He says his “girlfriends” could record phone conversations and use them against him later. Neither type of communication had any real security. But we pointed out that texting typically leaves a written record on at least two devices that could easily be found by a third party. Just ask Anthony Weiner how safe it is to text underage girls.

There are no electronic communications that are transmitted over the air or over the internet that are completely secure. Even devices that are hardwired together have their vulnerabilities.

The major “flaw” is in the way that the public perceives security in electronic communications. The public’s perception has been shaped by misinformation provided by corporate and government interests.

This latest overhyped electronic security issue is just another reminder to take reasonable precautions with the devices you depend on. It could but is not likely to cause anyone’s wife to find out about their misdeeds.


24 posted on 01/06/2018 9:25:09 AM PST by fireman15
[ Post Reply | Private Reply | To 1 | View Replies]

To: fuzzylogic

Are you thinking it’s not going to be a big deal really? This vulnerability has been present for decades now - and it doesn’t seem that hackers have exploited it yet? Or did the hackers just recently learn about this as did we?


25 posted on 01/06/2018 10:01:28 AM PST by Bob434
[ Post Reply | Private Reply | To 17 | View Replies]

To: fireman15

[[The public’s perception has been shaped by misinformation]]

Why all you need is pcmatic and you’ll never get viruses again lol


26 posted on 01/06/2018 10:03:31 AM PST by Bob434
[ Post Reply | Private Reply | To 24 | View Replies]

To: Red Badger; ~Kim4VRWC's~; 1234; 5thGenTexan; AbolishCSEU; Abundy; Action-America; acoulterfan; ...
Meltdown and Spectre vulnerabilities in processors explained. Apple has already mitigated against these vulnerabilities since December 4th IF your systems have been upgraded to either macOS High Sierra 10.13.2 or iOS 11.2 or tvOS 11.2. However, in the case of mobile devices such as the iPhone and iPad, exploits would require physical access, the user's passcode, and a Spectre exploit laden App with an Apple Authentication Certificate resident on the Apple Software Update Server to actually change the firmware to install it. — PING!

Thanks to RedBadger for posting.


Meltdown and Spectre Explained
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

27 posted on 01/06/2018 11:56:43 AM PST by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you racist, bigot!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bob434
Why all you need is pcmatic and you’ll never get viruses again lol

You forgot something. Let me fix it for you.

Why all you need is pcmatic and you’ll never get viruses again, just send us money and let us have full access to your computer! lol

There. Fixed.

28 posted on 01/06/2018 12:06:45 PM PST by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you racist, bigot!)
[ Post Reply | Private Reply | To 26 | View Replies]

To: Bob434

I think the problem with exploiting it is targeting something specific. If you’re trying to get passwords - good luck. You get access to “some area of memory” you shouldn’t but I don’t believe it is easy to target specific areas. Even if you read some memory where a password exists, would you know it is a password?

I think this ends up being a “fishing” exploit, where even if you catch something, can you tell what was caught? Also consider the amount of RAM in a modern machine, that’s a lot of memory to sift through, getting just fragments of “something”. That this can be done from Javascript though is troubling.

And yes, it was just “discovered” mid 2017. With patches going out I doubt the hacker world will really be able to do anything harmful (in time), and therefore probably not try.

Nothing is ever completely secure.


29 posted on 01/06/2018 12:09:23 PM PST by fuzzylogic (welfare state = sharing consequences of poor moral choices among everybody)
[ Post Reply | Private Reply | To 25 | View Replies]

To: fuzzylogic

It’s been talked about for a couple of years. It’s mainly side channel access and that means for starters the bad guys have to get into your computer to run specialized instructions. It’s not going to work from javascript contrary to the FUD. If the bad guys are in your computer, then they can probably get anything they want without this bug.


30 posted on 01/06/2018 1:08:27 PM PST by palmer (...if we do not have strong families and strong values, then we will be weak and we will not survive)
[ Post Reply | Private Reply | To 29 | View Replies]

To: palmer

https://www.react-etc.net/entry/exploiting-speculative-execution-meltdown-spectre-via-javascript


31 posted on 01/06/2018 1:12:21 PM PST by fuzzylogic (welfare state = sharing consequences of poor moral choices among everybody)
[ Post Reply | Private Reply | To 30 | View Replies]

To: fuzzylogic
From the paper linked in your link: "Attacks using Native Code. Using this technique we were able to read the entire victim’s memory address space, including the secrets stored within it" and "Attacks using JavaScript. In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it."

Seems to be a privacy exploit, but they don't say whether they control the addresses of the browser memory. With the native implementation they claim they get the entire memory. So obviously the Javascript implementation is less capable than that.

32 posted on 01/06/2018 1:42:26 PM PST by palmer (...if we do not have strong families and strong values, then we will be weak and we will not survive)
[ Post Reply | Private Reply | To 31 | View Replies]

To: palmer; Swordmaker
It’s been talked about for a couple of years.

...and this particular story has been repeated at least three or four times over the past week, every time by The Guardian.

'Scuse me, but ain't this becoming just the least bit a gram of information with a metric ton of Click Bait?

(No, I don't trust The Guardian....or most any media outlet...so I'll just pose the question and then slink back into Lurk Mode with my tinfoil hat back on my head again...)

33 posted on 01/06/2018 1:49:15 PM PST by Unrepentant VN Vet (...against all enemies, foreign or domestic...)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Unrepentant VN Vet

Oopsie.

My claim that this was published “every time by The Guardian” was in error.

However, I don’t see much difference between CNN, Popular Science, etc and The Guardian, so I’ll continue wondering about Click Bait....


34 posted on 01/06/2018 2:14:01 PM PST by Unrepentant VN Vet (...against all enemies, foreign or domestic...)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Unrepentant VN Vet
'Scuse me, but ain't this becoming just the least bit a gram of information with a metric ton of Click Bait?

The mainstream media and all of the tech press is going to town on this processor flaw because it is akin to the silicon gods having feet of clay. The non-techies in the press are having a field day because this flaw in the processors has been in existence for twenty-two years and the assumed perfection of computers is shown to be non-existent. They are glorying in the hubris these companies have claimed for all those years. . . ignoring the huge 24" X 24" timber in their own eyes of imperfection in the fake news media.

Also VN, there still may be SOME visitors to FreeRepublic that have not yet seen this (I sincerely doubt this) but when these articles do appear, those may need to know not to worry inordinately about the hype being tossed around about how this will end the computer world; it won't.

I am trying to let people know in the Apple world that first of all, a month ago, Apple updated both of its primary operating systems to mitigate against the flaws, and also that for mobile devices it requires physical access and passcodes.

The other takeaway, which includes all Intel computers, is that for either of these vulnerabilities there have been no EXPLOITS yet found in the wild.

35 posted on 01/06/2018 2:45:59 PM PST by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you racist, bigot!)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Swordmaker

Thanks. Good to know my suspicious mind is still batting at least .500.

Somewhat off topic, but “...and the assumed perfection of computers is shown to be non-existent” really made me ROFL.

Been working with analog and digital computers since the early 60’s and one of the very first rules that I was taught (and passed on to all of my students) was:

“Computers are wonderful.

Computers are really, really fast and can present very, very accurate results.

Those results, however, are exactly as good or bad as both the programming and the input data, which means if you put in crap you’ll get a wonderful printout that’s absolute BS.

Summary: Let it munch numbers all you want, double and triple check everything in or out but absolutely don’t EVER let that box do your thinking for you.”


36 posted on 01/06/2018 3:15:47 PM PST by Unrepentant VN Vet (...against all enemies, foreign or domestic...)
[ Post Reply | Private Reply | To 35 | View Replies]

To: Unrepentant VN Vet
Summary: Let it munch numbers all you want, double and triple check everything in or out but absolutely don’t EVER let that box do your thinking for you.”

Amen, brother, amen!

37 posted on 01/06/2018 10:54:03 PM PST by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you racist, bigot!)
[ Post Reply | Private Reply | To 36 | View Replies]

To: hsmomx3
my screen went blank a few times

I would have freaked................

38 posted on 01/08/2018 6:28:37 AM PST by Red Badger (Road Rage lasts 5 minutes. Road Rash lasts 5 months!.....................)
[ Post Reply | Private Reply | To 23 | View Replies]

To: Red Badger

I just about freaked myself!! I was online posting here at FR!!


39 posted on 01/08/2018 6:47:45 AM PST by hsmomx3
[ Post Reply | Private Reply | To 38 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
