SPECTRE – Page 6 – WindowsTechs.com

Jolted by Meltdown and Spectre, Intel aims to accelerate patching process

Posted on May 3, 2019 by Sean Lyngaas

For years, software, not hardware, has dominated the cybersecurity industry’s efforts to develop a coordinated way of disclosing technology flaws. Software bugs are reported in much greater numbers, and there are far fewer researchers who specialize in hardware security. But hardware was thrust into the limelight in January 2018, when Spectre and Meltdown, two vulnerabilities that affected virtually all modern computer chips, were made public. The flaws could have allowed hackers to infiltrate a computer’s memory and steal sensitive data, or trick applications into spilling information without a user’s knowledge. While there’s no evidence either has been exploited, the revelation that they exist, and the complex patching process that followed, sparked industry-wide awareness about serious security flaws that might come embedded in otherwise trusted technology. Now, more than a year later, the vendors, researchers, and manufacturers involved are still trying to cut down on the time it takes to get hardware-related patches […]

The post Jolted by Meltdown and Spectre, Intel aims to accelerate patching process appeared first on CyberScoop.

Continue reading Jolted by Meltdown and Spectre, Intel aims to accelerate patching process→

Mitigating Spectre Variant 2 with Retpoline on Windows

Posted on April 10, 2019 by Russell Smith

The Retpoline patch for Windows 10 was originally slated to arrive in the Windows 10 May 2019 Update but the fix is now in Windows 10 version 1809, although it must be enabled manually.

The post Mitigating Spectre Variant 2 with Retpoline on Windows appeared first on Petri.

Continue reading Mitigating Spectre Variant 2 with Retpoline on Windows→

Spoiler, Use-After-Free, and Ghidra: This Week in Computer Security

Posted on March 13, 2019 by Jonathan Bennett

The past few days have been busy if you’re trying to keep up with the pace of computer security news. Between a serious Chromium bug that’s actively being exploited on Windows 7 systems, the NSA releasing one of their tools as an open source project, and a new Spectre-like speculative …read more

Continue reading Spoiler, Use-After-Free, and Ghidra: This Week in Computer Security→

RSAC 2019: Picking Apart the Foreshadow Attack

Posted on March 5, 2019 by Lindsey O'Donnell

Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws. Continue reading RSAC 2019: Picking Apart the Foreshadow Attack→

Google: Software is never going to be able to fix Spectre-type bugs

Posted on February 23, 2019 by Peter Bright

Researchers also devise a Spectre-like attack with no known mitigation. Continue reading Google: Software is never going to be able to fix Spectre-type bugs→

Would it be possible to exploit spectre vulnerability with typed lambda calculus?

Posted on January 23, 2019 by user3368561

In my understanding, to exploit the spectre vulnerability you need a language with an execution semantics close enough to the hardware to be able to introduce branches at will.

Semantics of typed lambda calculus are much mor… Continue reading Would it be possible to exploit spectre vulnerability with typed lambda calculus?→

An Azure Infrastructure Year in Review – 2018

Posted on January 1, 2019 by Aidan Finn

Aidan takes a look back at 2018 and discusses some of the highlights from each month. It is interesting to me how I underrated some announcements which later became significant to Microsoft customers or to me.

The post An Azure Infrastructure Year in Review – 2018 appeared first on Petri.

Continue reading An Azure Infrastructure Year in Review – 2018→

Peering Into a Running Brain: SDRAM Refresh Analyzed from Userspace

Posted on December 28, 2018 by Ted Yapo

Over on the Cloudflare blog, [Marek] found himself wondering about computer memory, as we all sometimes do. Specifically, he pondered if he could detect the refresh of his SDRAM from within a running program. We’re probably not ruining the surprise by telling you that the answer is yes — with a little more than 100 lines of C and help from our old friend the Fast Fourier Transform (FFT), [Marek] was able to detect SDRAM refresh cycles every 7818.6 ns, lining right up with the expected result.

The “D” in SDRAM stands for dynamic, meaning that unless periodically refreshed by …read more

Continue reading Peering Into a Running Brain: SDRAM Refresh Analyzed from Userspace→

Hacking Your Way to a Custom TV Boot Screen

Posted on December 7, 2018 by Tom Nardi

More and more companies are offering ways for customers to personalize their products, realizing that the increase in production cost will be more than made up for by the additional sales you’ll net by offering a bespoke product. It’s great for us as consumers, but unfortunately we’ve still got a ways to go before this attitude permeates all corners of the industry.

[Keegan Ryan] recently purchased a TV and wanted to replace its stock boot screen logo with something of his own concoction, but sadly the set offered no official way to make this happen. So naturally he decided to …read more

Continue reading Hacking Your Way to a Custom TV Boot Screen→