BC firm's materials in space
$10K discrimination ruling
Quesnel pulp mill sold
Inquiry into B.C. port strike
Is decaf coffee bad for you?
Ex-cop tries to quash charge
PM pledges deportations
Trump trial arguments begin
Ghost guns to high court
Nude Beverages sells line
Wealth gap widening
Canadian Honda EV plant 
Leafs even series
Cristall gets pro look
Warriors even series in OT
Swift breaks Spotify record
Cudi Coachella set cut short
Bon Jovi 'hasn't been a saint'
Security exploit
-
Ub2
- Generalissimo Postalot
- Posts: 774
- Joined: Mar 22nd, 2009, 8:11 pm
Security exploit
I came across this article on the Engadget website yesterday, as they describe as a serious un-fixable security exploit for those with older Intel machines.
http://www.engadget.com/2015/08/08/intel-memory-sinkhole-flaw/
http://www.engadget.com/2015/08/08/intel-memory-sinkhole-flaw/
-
36Drew
- Grand Pooh-bah
- Posts: 2722
- Joined: Mar 29th, 2009, 3:32 pm
Re: Security exploit
The whitepaper: https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf
There's already POC code out there for this: https://github.com/xoreaxeaxeax/sinkhole
Of course, every has jumped all over this with "ZOMG, we're all doomed!!!" type articles.
A more rational analysis of the exploit and the whitepaper: http://www.tomshardware.com/news/blackhat-x86architecture-vulnerability-disclosed,29800.html
TLDR; Yes, this is a real vulnerability. It's also incredibly difficult to pull off.
"The course granularity of the APIC position, combined with the inability to effectively control the APIC data, makes the vulnerability extremely difficult, but not impossible, to apply in practice"
There's already POC code out there for this: https://github.com/xoreaxeaxeax/sinkhole
Of course, every has jumped all over this with "ZOMG, we're all doomed!!!" type articles.
A more rational analysis of the exploit and the whitepaper: http://www.tomshardware.com/news/blackhat-x86architecture-vulnerability-disclosed,29800.html
TLDR; Yes, this is a real vulnerability. It's also incredibly difficult to pull off.
"The course granularity of the APIC position, combined with the inability to effectively control the APIC data, makes the vulnerability extremely difficult, but not impossible, to apply in practice"
I'd like to change your mind, but I don't have a fresh diaper.
-
Ub2
- Generalissimo Postalot
- Posts: 774
- Joined: Mar 22nd, 2009, 8:11 pm
Re: Security exploit
36Drew wrote:A more rational analysis of the exploit and the whitepaper: http://www.tomshardware.com/news/blackh ... 29800.html
It's been awhile since I've been on the Tom's website.
That's a good link -- thanks for posting it.