Originally posted by birdie
View Post
Also, please understand this are hardware flaws so nasty that are barely detectable(that in most if not all cases don't or barely leave traces ) by hardcore experts that only few big companies can afford or pro white hack teams, is unreasonable to expect big flashy news like it happens with rootkits and other software base security problems and yes for business hardware is the least expensive path, if you had ever worked on Enterprise you would know that 90% of the time hardware is barely a cost compared to other parts of the business systems.
2.) https://foreshadowattack.eu/ just the first result of the first vulnerability acronym i remembered, is not that hard(there is even a youtube tutorial).
3.) the fact you imply mitigation should be applied per app proves definitely that the kernel's developers are completely right in enable all mitigation by default and ask the user to explicitly disable them.
Also as note:
Most of this attack are practically undetectable because they run inside the CPU with MORE PRIORITY(as execution ring) THAT THE KERNEL AND HYPERVISORS AND IN SOME CASES AT THE SAME LEVEL OF THE MICROCODE depending on your CPU manufacturer or silicon revision. This hardware flaws are so nasty you can even violate X86 execution rules, L1 cache integrity, SMM, NX bits, checksuming, etc.
Sure, i could agree that certain more mild flaws that could allow simple things like read from L3 caches on certain condition on affected software could be applied per application but the mitigation hit of those is negligible, the big hit come from the really nasty one like L1TF and Co.
Comment