Questions tagged [spectre]
A side-channel vulnerability from 2018, affecting modern microprocessors that perform branch prediction (such as Intel, AMD, ARM, Sparc and PowerPC), allowing user processes to read memory belonging to other processes. Affects Linux, OS X, and Windows.
95
questions
4
votes
1
answer
360
views
What does COEP do that CSP doesn't already do?
Both Cross-Origin-Embedder-Policy and Content-Security-Policy seem to do pretty similar things: they restrict the document from loading certain types of subresources (e.g. cross-origin subresources). ...
1
vote
2
answers
525
views
Are Haswell CPUs still secure? Do they still get microcode updates?
I have a Dell laptop with a Haswell CPU, and the recent Retbleed vulnerabilities made me think how vulnerable it is in general. The whitepaper implies Haswell quite a lot, but it wasn't tested. I keep ...
0
votes
1
answer
948
views
COOP and COEP: Is there an advantage to enabling COOP / COEP if I don't need to use the sharedArrayBuffer or other features?
COOP: cross origin opener policy
COEP: Cross origin embedder policy
Most of the articles on the web, related to COOP / COEP, point to the fact that by enabling COOP / COEP , your web page can use the ...
3
votes
0
answers
182
views
How to select a CPU to buy for the best security?
Various versions of Spectre, Meltdown, Foreshadow and ZombieLoad make it quite the jungle trip to navigate which CPUs are affected, how to mitigate them.
Right now, my problem is that I need a new ...
1
vote
1
answer
213
views
Are CPU side-channel attacks still a concern on VPSs
I've been looking into getting a VPS to run an OpenVPN server on and a few other things. I've been speaking to a hosting company and they have sent me this screenshot to show they are protected ...
2
votes
1
answer
815
views
Does enabling SharedArrayBuffers via service worker headers create Spectre vulnerability?
In browsers, use of SharedArrayBuffer is restricted to sites with the following HTTP headers because otherwise it exposes vulnerabilities to Spectre and Meltdown.
Cross-Origin-Embedder-Policy: require-...
1
vote
1
answer
493
views
Is protecting against Meltdown and Spectre on virtual servers actually possible?
I've been reading into the Meltdown and Spectre bugs recently and the issues they cause for virtualised servers, as memory in one VM can potentially be accessed by another user in a separate VM with ...
0
votes
1
answer
303
views
Are there any class of systems where it is safe to disable spectre and meltdown patches
I was not able to find a definite answer to the question whether it is safe to disable spectre and meltdown vulnerabilities but i could articles that suggests the defaults might be revisited & ...
2
votes
2
answers
266
views
What is the impact and threat of Spectre in Javascript?
If you have looked into this demo of Spectre in JavaScript: Did I get it right that only current site memory can be accessed, due to site isolation etc? I saw there is also an addon to detect attackts ...
1
vote
0
answers
306
views
Prefetch Side-Channel Attacks:Bypassing SMAP and Kernel ASLR
I'm trying to understand and perform the Prefetch Side-Channel Attacks:Bypassing SMAP and Kernel ASLR. The author have released the proof-of-concept code.
I'm trying to run the attack on my Intel ...
0
votes
0
answers
154
views
Secure code makes exploitation easier with CPU vulnerabilities?
I researched CPU vulnerabilities in the past, such as Specter and Meltdown.
I read that one of those attacks is made easier if the code is a certain way. I cannot remember if it was related to being ...
1
vote
1
answer
214
views
are small SOC chips also affected by Meltdown and Spectre?
How can I find out, if given CPU is affected by the Meltdown and Spectre bugs ?
My CPU is relatively older, and it is a SOC chip:
AMD GX-412TC SOC
I was not able to find, whether these chips also ...
4
votes
0
answers
291
views
What kind of attacks can hardware level memory encryption protect from?
Both AMD and Intel have introduced memory encryption at the hardware level. AMD calls this Secure Memory Encryption (SME), with the Intel version being Total Memory Encryption (TME).
What kind of ...
4
votes
1
answer
5k
views
Sacrificing 30% of my CPU performance (by disabling Hyper-Threading) to fully mitigate CPU vulnerabilities, necessary?
I used the spectre-meltdown-checker, version 0.42, without any option resulting in all-green results. But, in a help page, I found the --paranoid switch, which resulted in about a half of later CVEs ...
1
vote
0
answers
144
views
How would one compare Cache Allocating Technology against MIT's Dynamically Allocated Way Guard for prevention of the Spectre side-channel Attack?
Upon research, I'm finding it difficult to identify a way to compare each solution. Is it correct in saying both solutions are software based? Therefore, could I compare overall PC perfomance with ...