https://www.theregister.co.uk/2018/01/0 ... sign_flaw/
So nearly every processor made in the last 20 years has an security flaw that at *best* will make for a ~30-60% performance hit to cover, and and worst is completely unfixable and may allow any web page with Javascript. to read data sitting somewhere in your memory.
FUN
Entire world of computing and tech possibly doomed
Moderator: Jere
-
Kargath
- Posts: 10589
- Joined: Wed Jul 25, 2001 1:00 am
Entire world of computing and tech possibly doomed
Why is it drug addicts and computer afficionados are both called users?
-Clifford Stoll
-Clifford Stoll
-
е и ժ е я
- Supermod
- Posts: 41138
- Joined: Sun Aug 18, 2002 1:00 am
- Location: Enough. My tilde has tired and shall take its leave of you.
- Has thanked: 71 times
- Been thanked: 39 times
- Contact:
Re: Entire world of computing and tech possibly doomed
I'd actually wondered briefly if this would be possible at some point. Nasty exploit.
I muttered 'light as a board, stiff as a feather' for 2 days straight and now I've ascended, ;aughing at olympus and zeus is crying
-
I am nobody
- Moderator
- Posts: 12801
- Joined: Tue Aug 07, 2007 7:26 pm
- Location: -89.97814998,-42.2333493
- Has thanked: 1 time
- Been thanked: 36 times
-
Kargath
- Posts: 10589
- Joined: Wed Jul 25, 2001 1:00 am
Re: Entire world of computing and tech possibly doomed
More a slightly-less-bad one.
The SPECTRE attack still affects AMD chips.
https://spectreattack.com/
Why is it drug addicts and computer afficionados are both called users?
-Clifford Stoll
-Clifford Stoll
-
CaptHayfever
- Supermod
- Posts: 37409
- Joined: Tue Jul 16, 2002 1:00 am
- Location: (n) - the place where I am
- Has thanked: 149 times
- Been thanked: 40 times
- Contact:
Re: Entire world of computing and tech possibly doomed
Couldn't we just find a workaround to bypass Javascript the way we've basically bypassed Flash?
And remember, "I'm-a Luigi, number one!"
And remember, "I'm-a Luigi, number one!"
-
I am nobody
- Moderator
- Posts: 12801
- Joined: Tue Aug 07, 2007 7:26 pm
- Location: -89.97814998,-42.2333493
- Has thanked: 1 time
- Been thanked: 36 times
Re: Entire world of computing and tech possibly doomed
Creating a JS workaround that didn't break half the internet and that somehow stopped a hardware exploit would be a pretty monumental undertaking.
-
Kargath
- Posts: 10589
- Joined: Wed Jul 25, 2001 1:00 am
Re: Entire world of computing and tech possibly doomed
It's not really a Javascript vulnerability - JS is just the most obvious 'foreign thing runs on your comp' that is out there. As soon as something else can execute on your computer, that too makes your comp vulnerable. It's that bad.
Why is it drug addicts and computer afficionados are both called users?
-Clifford Stoll
-Clifford Stoll
-
CaptHayfever
- Supermod
- Posts: 37409
- Joined: Tue Jul 16, 2002 1:00 am
- Location: (n) - the place where I am
- Has thanked: 149 times
- Been thanked: 40 times
- Contact:
Re: Entire world of computing and tech possibly doomed
Welp.
My laptop is pushing 10 years old anyway. If they can develop new chips soon that don't have the flaw, I'll be on the market.
And remember, "I'm-a Luigi, number one!"
My laptop is pushing 10 years old anyway. If they can develop new chips soon that don't have the flaw, I'll be on the market.
And remember, "I'm-a Luigi, number one!"
-
Jere
- Moderator
- Posts: 5555
- Joined: Wed May 28, 2008 2:25 pm
- Location: South Lapland
- Has thanked: 2 times
- Been thanked: 3 times
- Contact:
Re: Entire world of computing and tech possibly doomed
It's dodgy and as sever as it is i haven't had the time to look into the issue to see what it is and what it does but as they say in the article:
"At best, the vulnerability could be leveraged by malware and hackers to more easily exploit other security bugs"
I kind of guessed this was a possibility since i saw this video last summer
https://www.youtube.com/watch?v=KrksBdWcZgQ
It's obscure and a bit weird so i speculate that nothing major for the general user should be in danger but companies should double check stuff atleast.
what is more interesting for general users atleast for the foreseable future is the anitivirus protection.
https://doublepulsar.com/important-info ... 52ba0292ec
"At best, the vulnerability could be leveraged by malware and hackers to more easily exploit other security bugs"
I kind of guessed this was a possibility since i saw this video last summer
https://www.youtube.com/watch?v=KrksBdWcZgQ
It's obscure and a bit weird so i speculate that nothing major for the general user should be in danger but companies should double check stuff atleast.
what is more interesting for general users atleast for the foreseable future is the anitivirus protection.
https://doublepulsar.com/important-info ... 52ba0292ec