Collaborate Disseminate
What would happen if we adopted: https://make-linux-fast-again.com/
Assume the system is used for development and general browsing.
Are there any cases of these vulnerabilities being exploited in the wild, (especially by we… Continue reading How risky would it be to run a Linux kernel without Spectre and Meltdown patches on a regular desktop system?
A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown. Continue reading Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws
Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws. Continue reading ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed
Is it possible to develop an application in such a way that its data in memory cant be stolen by recent attacks such as Meltdown, Spectre, Foreshadow, Fallout. Zombieload? All mitigations focus on patching hardware, BIOS or OS. But could s… Continue reading Application level protection against Meltdown, Spectre, Foreshadow, Fallout. Zombieload
By Uzair Amir
All computers containing Intel chips from 2011 onwards will be vulnerable to ZombieLoad bug. Intel processor chips have lately been accused of being flawed and unreliable in ensuring optimal computer performance and the current news furth… Continue reading Amazon, Apple, Google & Microsoft issue patches to fix ZombieLoad bug
Here are 10 top takeaways from Intel’s most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week. Continue reading Intel ZombieLoad Side-Channel Attack: 10 Takeaways
Those who warned that the Meltdown and Spectre computer chip flaws revealed last year would trigger a new era of hardware vulnerability discovery were onto something. On Tuesday, Intel and a group of cybersecurity researchers published details on four new potential chip attacks that exploit the same “speculative execution” process, which is used to improve CPU performance, that was central to Meltdown and Spectre. The newly revealed security issues could allow attackers to steal sensitive data from a CPU in multiple ways. Like Meltdown and Spectre, there isn’t evidence these attacks have been executed in the wild, but the insecurities they reveal in micro-architectures demand attention from hardware owners. The colorfully named ZombieLoad attack, for example, unearths private browsing history and leaks information from a computer’s application, operating system and virtual machines in the cloud. The RIDL attack leaks information from different security buffers inside the Intel processors, while an […]
The post After Meltdown and Spectre, meet a new set of Intel chip flaws appeared first on CyberScoop.
Continue reading After Meltdown and Spectre, meet a new set of Intel chip flaws
Intel-specific vulnerability was found by researchers both inside and outside the company. Continue reading New speculative execution bug leaks data from Intel chips’ internal buffers
Intel has disclosed a new class of speculative execution side channel attacks. Continue reading Intel CPUs Impacted By New Class of Spectre-Like Attacks
AFAIK, all mitigable meltdown / spectre variants have software mitigation except for variant 3a and 4. Why is this the case?
For variant 4, a straightforward software mitigation is to place lfence before all memory load oper… Continue reading Software mitigation for variant 3a (rogue system register read) and variant 4 (speculative store bypass)