Announcement

Collapse
No announcement yet.

Security Researchers Detail New "BlindSide" Speculative Execution Attack

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    does it work on android too? i don't mind waiting a few minutes to get root access

    Comment


    • #32
      Looks like using full ASLR mitigates quite well (but not fully) the issue. Debian has switched to it, just like many common distros. PIE executables are now the norm, not the exception.

      Comment


      • #33
        Originally posted by loganj View Post
        does it work on android too? i don't mind waiting a few minutes to get root access
        Theoretically it should, since Android is using random Linux kernel versions that have never been updated in years.

        The big question is if ARM processors are vulnerable to this exploit at all, Cortex-A72 and Cortex-A57 and newer ARM are all using speculative execution so COULD be vulnerable in theory, older ones are using in-order execution so they cannot be vulnerable to this.

        Comment


        • #34
          Originally posted by Raka555 View Post
          Can we get a 5Ghz Cortex-A53, please...
          You can't get a secure processor with good performance. It's more a question of time and money to identify possible attack vectors for different architectures.

          Comment


          • #35
            Originally posted by Vistaus View Post
            An attack that works on an AMD CPU? Is this fake news or what? 'Cause everyone, esp. on this site, keeps saying AMD is 100% safe against this kind of stuff...
            Not at all. But some *fools* might say that.

            Comment


            • #36
              Originally posted by Vistaus View Post
              An attack that works on an AMD CPU? Is this fake news or what? 'Cause everyone, esp. on this site, keeps saying AMD is 100% safe against this kind of stuff...
              Lol, AMD is also vulnerable to Spectre. AMD fanboys just like bragging about how their CPU is bigger than everyone else's, and thus deny reality.

              Comment


              • #37
                Originally posted by sandy8925 View Post

                Lol, AMD is also vulnerable to Spectre. AMD fanboys just like bragging about how their CPU is bigger than everyone else's, and thus deny reality.
                Your QoL will improve if you ignore people who can't read something as simple as Wikipedia.

                Comment


                • #38
                  Originally posted by sandy8925 View Post

                  Lol, AMD is also vulnerable to Spectre. AMD fanboys just like bragging about how their CPU is bigger than everyone else's, and thus deny reality.
                  Performance impact on AMD with Spectre mitigations is 7%-ish vs. 30-50% for Intel with Meltdown+Spectre. And Intel knew all along that speculative execution without bounds checking would backfire badly, yet still implemented it anyway because every 1% counts when you're stuck on a process node.

                  So yes, AMD is indeed more secure and way less retarded with their designs. It's just unfortunate tech companies are so incestuous and have to CLA with each other over (possibly) faulty technology.

                  Comment


                  • #39
                    Sounds kinda advanced. And kinda evil. I'd say in all this race for speed at cheap prices something eventually got lost. Like, say, quality of implementation.

                    Comment

                    Working...
                    X