By: dmcq (, July 15, 2022 4:54 am
Room: Moderated Discussions
anon2 ( on July 14, 2022 6:40 pm wrote:
> anon2 ( on July 14, 2022 5:37 pm wrote:
> > Anon4 ( on July 14, 2022 5:05 pm wrote:
> > > anon2 ( on July 14, 2022 4:29 pm wrote:
> > > > No it wasn't, it was BTB poisoning to influence indirect branches.
> > > > Branch direction forwards or backwads is not relevant.
> > >
> > > I've had my head to much on CFI recently.... forward edge, obviously branch direction is not relevant.
> >
> > There seems to be nothing about "forward edge" in spectre vulnerability. It is about indirect
> > branches which use the BTB, return branches can be such indirect branches on these CPUs.
> >
> > >
> > > > Some CPUs use BTB for return branches in some situations. This is not somehow new nor was unknown at the
> > > > time. It was explicitly called out in a public discussion about the fix several years ago, actually.
> > >
> > > And was thought not to be exploitable, some people thought it was exploitable
> >
> > That's what I said. Nothing new from hardware standpoint, the only problem is incomplete mitigation
> > for spectre v2. Or if you really want to quibble about semantics, the fact remains that the exact problem
> > was known about and called out when the fix was being discussed. No new hardware vulnerability discovery,
> > this is exploitation of known hole in known incomplete software fix for spectre v2.
> >
> > > however they could not come up with a practical attack at the time.
> > >
> > > Given the mitigation cost no one was going to roll out an expensive speculative (sic) mitigation against
> > > an attack which was not thought to be practical at the time. That 'expensive' is in money, performance
> > > losses cost real money for the hyperscalers and major ones can make a service economically unviable.
> >
> > Aside, many such security issues that are fixed have *actual* practical attacks
> Correction: Do NOT have actual practical attacks demonstrated.
> They may jump through very careful hoops to make it appear as though they have demonstrated
> a practical attack, for example implementing a PoC that gets around some particular data
> protection mechanism and do it in Javascript and have it work in laboratory conditions,
> and then draw insinuations or imply (or allow the "tech" press to draw the line) that therefore
> if you click on a web page it can steal your credit card number and bitcoins.
> Of course this is all great business for "security researcher" job security so they do it deliberately
> and very few have any intention to even try to develop objective metrics, publish retrospectives
> showing how much these security issues are exploited, or give reasonable advice such as don't
> use hardware shared with untrusted user if you are paranoid and don't trust that we found all
> problems and didn't make multi-year mistakes on issues such as this one.
> /end rant
> > demonstrated. Most of this security patching and mitigation has no objective
> > measurement or even metrics that can inform the benefit of fixes.

Not sure what that rant was in aid of. Shooting the messanger? There are lots of hckers around and they are willingto spend a lot of time doing things that I would never have thought of to hack into systems. It isn't all people engineering - there are people willing to spend the effort to crack into systems using technical means so they can extract a million or two in bitcoin.
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
Retbleedanonymous22022/07/13 03:14 PM
  Retbleedanon22022/07/13 10:03 PM
    RetbleedAdrian2022/07/14 12:05 AM
    RetbleedAnon42022/07/14 02:17 PM
      Retbleedanon22022/07/14 04:29 PM
        RetbleedAnon42022/07/14 05:05 PM
          Retbleedanon22022/07/14 05:37 PM
            Retbleedanon22022/07/14 06:40 PM
              Retbleeddmcq2022/07/15 04:54 AM
                Retbleedanon22022/07/17 07:17 AM
              RetbleedMichael S2022/07/15 07:08 AM
                RetbleedBen T2022/07/16 05:06 AM
                  RetbleedMichael S2022/07/16 11:41 AM
                    Public cloud infrastructureBen T2022/07/16 04:50 PM
                      Public cloud infrastructureRayla2022/07/16 09:15 PM
                      Public cloud infrastructureme2022/07/17 09:19 AM
                      Public cloud infrastructureBrett2022/07/18 12:38 PM
                        Public cloud infrastructureAdrian2022/07/18 01:19 PM
                          Public cloud infrastructureme2022/07/18 03:54 PM
                          Public cloud infrastructureBrett2022/07/20 03:35 PM
                            Public cloud infrastructureBrett2022/07/21 01:18 PM
                              Public cloud infrastructureinthestratosphere2022/07/21 02:46 PM
                                Public cloud infrastructureBrett2022/07/21 10:38 PM
                                What’s needed for a viable Apple server?Ben T2022/07/22 05:31 AM
                                  What’s needed for a viable Apple server?Michael S2022/07/22 09:09 AM
                                  More DRAM capacity?Mark Roulo2022/07/22 09:48 AM
                                    More DRAM capacity?Doug S2022/07/22 11:05 AM
                                      More DRAM capacity?Mark Roulo2022/07/22 11:20 AM
                                        More DRAM capacity?Doug S2022/07/22 01:48 PM
                                    More DRAM capacity?Wes Felter2022/07/22 04:49 PM
                        Public cloud infrastructureanon22022/07/18 04:25 PM
                      Putting 12 processor packages in a 1U serverBen T2022/07/22 10:02 PM
                        Putting 12 processor packages in a 1U serverrwessel2022/07/23 07:15 AM
                        Putting 12 processor packages in a 1U serverDaniel B2022/07/23 04:15 PM
                          Putting 12 processor packages in a 1U serverBen T2022/07/24 05:29 AM
                            Multi-system cluster design spacePaul A. Clayton2022/07/24 08:49 AM
            RetbleedAnon42022/07/15 03:00 AM
          RetbleedMichael S2022/07/15 06:59 AM
      Retbleed---2022/07/15 11:14 AM
Reply to this Topic
Body: No Text
How do you spell tangerine? 🍊