Topic: Meltdown & Spectre

Seems some trouble is coming up for Intel-CPU owners.

TechSpot: "Massive security flaw found in Intel CPUs, patch could hit performance by up to 30%"
https://www.techspot.com/news/72550-massive-security-flaw-found-almost-all-intel-cpus.html

That article is just a random Google hit and I'm not sure if their numbers aren't a bit alarmist, as I could not find them in the German articles I read before, but it's not looking like this will go away easily, and not without some inconvenience for us users. This news is currently spreading like wildfire, so you won't have trouble finding other articles about it.

Apparently someone already found a way to utilize this in a proof of concept-attack:
https://mobile.twitter.com/brainsmoke/status/948561799875502080
« Last Edit: 03. January 2018, 17:37:17 by fox »
Seems I dodged the bullet by choosing Ryzen. Some time ago, Intel's CEO already sold his entire stock up to the company-set limit:
https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

Acknowledged by: fox
Ooh, those stock market sales are indeed very interesting! Will be interesting to keep an eye on that story in the coming months.

Can't say that I know much about the stock market but I guess you don't really need to in order to see a pattern in these numbers: http://www.nasdaq.com/symbol/intc/insider-trades

legend:
- Brian M. Krzanich: CEO
- Andy D. Bryant: Board of Directors
- Robert H. Swan: Chief Financial Officer & Executive Vice President 
- Diane Bryant: (since Dec. 1st former) President of the Data Center Group
- David Pottruck: Chairman of the Compensation Committee
- Dr. Venkata M. Renduchintala: Group president of the Client and Internet of Things (IoT) Businesses and Systems Architecture & Chief engineering officer
- Stacy J. Smith: Group president of Manufacturing, Operations and Sales at Intel Corporation
- David B. Yoffie: (former) director of Intel, member of the Compensation & Corporate Governance and Nominating Committees
- Frank D. Yeary: (former) director

stocknewsgazette.com: (October 11, 2017)
Among new and sold out positions, 77 holders initiated new positions by a total of 9.7 million shares and 85 holders exited their positions by a total of 29.12 million shares. This nets out to a decrease of 19.43 million shares and is another bearish sign for INTC.

In the last three months, insiders executed a total of 23 trades. 23 were sells. Insider ownership decreased by a total of 190873 shares, which suggests that INTC’s key executives are feeling less optimistic about the outlook for the stock. The data from the past twelve months tells a similar story: insiders executed 3 buys and 91 sells, and ownership decreased by a net of 1.46 million shares.

Apparently this problem has already been identified since at least summer (but it flew completely under the radar until now).

I've already seen a number of (German) people debating whether or not the product warranty applies for their <2 year old Intel CPUs. In light of the ME debacle, I'd be using that in an instant myself, although AMD doesn't seem to be much better in that regard.


« Last Edit: 03. January 2018, 20:30:33 by fox »
Acknowledged by: Marvin
Intel posted a statement regarding this situation earlier today. I summarize:

- media reports are wrong
- it's not an Intel-specific problem, "other vendors" are also facing it
"Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively."
The way this is phrased makes it sound like a sly rebuttal of AMD's earlier announcement without actually stating anything in that regard.

- we were planning to disclose this next week anyway ;) (probably referring to the official patch-day on Tuesday)
- performance hits by patches will be marginal
"Intel believes these exploits do not have the potential to corrupt, modify or delete data."

Will be interesting to revisit these statements a few months from now. The CEO's own words sound a bit more cautious. Still, it's almost sounding like satire to me when he adds:
"This is an example of the industry working well together to police itself"
and
"The system is operating exactly as it's supposed to, this is how the system was architected and designed," Krzanich said. But, he said, the company is constantly searching for improvements to when it comes to cybersecurity."

Update:  "AMD rebukes Intel, says flaw poses 'near-zero risk' to its chips"
Chipmaker Advanced Micro Devices on Wednesday pushed back on a statement from Intel about a recently documented security flaw, saying its chips are mainly not affected.

AMD expects to publish security research on the flaw later on Wednesday but did provide an initial statement of its own:

    To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.

AMD rose slightly after AMD issued the statement. The stock had fallen after Intel issued its statement earlier.

On Tuesday the Register suggested that the flaw did not impact AMD's chips but instead primarily impacted chips from Intel. But Intel's public statement on Wednesday indicated that the flaw isn't restricted to Intel's CPUs. That said, Intel did indicate it's working with other companies, including AMD, to resolve the issue, and AMD's initial statement shows it is cooperating.

"As we typically do when a potential security issue is identified, AMD has been working across our ecosystem to evaluate and respond to the speculative execution attack identified by a security research team to ensure our users are protected," AMD said.

Intel CEO Brian Krzanich spoke about the incident in a conversation with CNBC's Jon Fortt, saying that Google first informed Intel about the issue and that to Intel's knowledge the flaw had not been exploited.

I'm tempted to break out the popcorn at this point but actually this is serious and I might be affected by it.

Oh, whaddayaknow... In the meantime Google security researchers ("Project Zero"), who did the bulk of the research based on the blog entry I posted earlier, came forward and disclosed it to the public. They say that they actually have working exploits for Intel and AMD, but from what I have read AMD CPUs are only vulnerable when they are actively configured to a "non-default state" (eBPF JIT toggled to 'on'), as opposed to Intels and ARMs, where this already is the default state, they say. The blog goes on to explain their three attack variants in detail. [Edit: not absolutely sure yet whether AMD is in the clear regarding all three of them.]
"Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01 [1]."

Heh, even made it onto Tagesschau now.
« Last Edit: 04. January 2018, 01:11:55 by fox »
A new heise.de-article summarizes the current status quo, also attempted by another Google Security blog-entry.
From what I understood so far there's not much Johnny Average can do except installing software updates when they become available. I'm not sure yet if this will also include processor firmware though. So far I only heard about OS- and browser-updates.

Nameless Voice

Isn't insider trading like that illegal?
From what I understood so far there's not much Johnny Average can do except installing software updates when they become available. I'm not sure yet if this will also include processor firmware though. So far I only heard about OS- and browser-updates.
AMD explicitly stated that one of the two issues affecting the current Zen architecture will be resolved by a microcode update, meaning that the second one is apparently harder or even impossible to resolve in software without throttling CPU power by a large margin. As the exploit is made possible by a fundamental property of "modern" (younger than 25 years) processors which is inherent to their architecture, a complete hardware fix of the Spectre exploit will likely take years and cost hundreds of millions of dollars. Not to mention the largest number of devices by far - smartphones - will never even receive a software update.
Isn't insider trading like that illegal?
No clue, but I guess it depends on the volume? Otherwise, those deals would be beyond stupid since they have to be made public if performed by the upper management.
From what I understood so far there's not much Johnny Average can do except installing software updates when they become available.
Yes, that's my understanding too.

Be careful: MS officially warns that the patch they have already rolled out can cause trouble due to interference with certain AV programs. These programs are not being named, but when Win10 doesn't offer you the update, it's most likely due to an incompatibility that MS believes to exist. Best not to try and get it anyway.

Isn't insider trading like that illegal?
I'm really curious about that too. There's definitely "legit" insider trading and illegal insider trading but I'm not sure where the line is drawn. The stock market is a rigged and sick game, my sense of justice certainly doesn't apply.

https://en.wikipedia.org/wiki/Insider_trading#American_law
Tracking

Since insiders are required to report their trades, others often track these traders, and there is a school of investing which follows the lead of insiders. Following such leads subjects the follower to the risk that an insider is making a buy specifically to increase investor confidence, or is making a sale for reasons unrelated to the health of the company (such as a desire to diversify or pay a personal expense).

Legal

Legal trades by insiders are common,[2] as employees of publicly traded corporations often have stock or stock options. These trades are made public in the United States through Securities and Exchange Commission filings, mainly Form 4.

U.S. SEC Rule 10b5-1 clarified that the prohibition against insider trading does not require proof that an insider actually used material nonpublic information when conducting a trade; possession of such information alone is sufficient to violate the provision, and the SEC would infer that an insider in possession of material nonpublic information used this information when conducting a trade. However, SEC Rule 10b5-1 also created for insiders an affirmative defense if the insider can demonstrate that the trades conducted on behalf of the insider were conducted as part of a pre-existing contract or written binding plan for trading in the future.[15]

For example, if an insider expects to retire after a specific period of time and, as part of retirement planning, the insider has adopted a written binding plan to sell a specific amount of the company's stock every month for two years, and the insider later comes into possession of material nonpublic information about the company, trades based on the original plan might not constitute prohibited insider trading.

American law

Until the 21st Century and the European Union's market abuse laws, the United States was the leading country in prohibiting insider trading made on the basis of material non-public information.[5] Thomas Newkirk and Melissa Robertson of the U.S. Securities and Exchange Commission (SEC) summarize the development of US insider trading laws.[2] Insider trading has a base offense level of 8, which puts it in Zone A under the U.S. Sentencing Guidelines. This means that first-time offenders are eligible to receive probation rather than incarceration.[16]
Statutory

U.S. insider trading prohibitions are based on English and American common law prohibitions against fraud. In 1909, well before the Securities Exchange Act was passed, the United States Supreme Court ruled that a corporate director who bought that company's stock when he knew the stock's price was about to increase committed fraud by buying but not disclosing his inside information.

Section 15 of the Securities Act of 1933[17] contained prohibitions of fraud in the sale of securities which were greatly strengthened by the Securities Exchange Act of 1934.[18]

Section 16(b) of the Securities Exchange Act of 1934 prohibits short-swing profits (from any purchases and sales within any six-month period) made by corporate directors, officers, or stockholders owning more than 10% of a firm's shares. Under Section 10(b) of the 1934 Act, SEC Rule 10b-5, prohibits fraud related to securities trading.

The Insider Trading Sanctions Act of 1984 and the Insider Trading and Securities Fraud Enforcement Act of 1988 place penalties for illegal insider trading as high as three times the amount of profit gained or loss avoided from the illegal trading.[19]
SEC regulations

SEC regulation FD ("Fair Disclosure") requires that if a company intentionally discloses material non-public information to one person, it must simultaneously disclose that information to the public at large. In the case of an unintentional disclosure of material non-public information to one person, the company must make a public disclosure "promptly."[7]:586

Insider trading, or similar practices, are also regulated by the SEC under its rules on takeovers and tender offers under the Williams Act.
Court decisions

Much of the development of insider trading law has resulted from court decisions.

In 1909, the Supreme Court of the United States ruled in Strong v. Repide[20] that a director who expects to act in a way that affects the value of shares cannot use that knowledge to acquire shares from those who do not know of the expected action. Even though in general, ordinary relations between directors and shareholders in a business corporation are not of such a fiduciary nature as to make it the duty of a director to disclose to a shareholder the general knowledge which he may possess regarding the value of the shares of the company before he purchases any from a shareholder, yet there are cases where, by reason of the special facts, such duty exists.

In 1968, the Second Circuit Court of Appeals advanced a "level playing field" theory of insider trading in SEC v. Texas Gulf Sulphur Co.[21] The court stated that anyone in possession of inside information must either disclose the information or refrain from trading. Officers of the Texas Gulf Sulphur Corporation had used inside information about the discovery of the Kidd Mine to make profits by buying shares and call options on company stock.[22]

In 1984, the Supreme Court of the United States ruled in the case of Dirks v. Securities and Exchange Commission[23] that tippees (receivers of second-hand information) are liable if they had reason to believe that the tipper had breached a fiduciary duty in disclosing confidential information. One such example would be if the tipper received any personal benefit from the disclosure, thereby breaching his or her duty of loyalty to the company. In Dirks, the "tippee" received confidential information from an insider, a former employee of a company. The reason the insider disclosed the information to the tippee, and the reason the tippee disclosed the information to third parties, was to blow the whistle on massive fraud at the company. As a result of the tippee's efforts the fraud was uncovered, and the company went into bankruptcy. But, while the tippee had given the "inside" information to clients who made profits from the information, the U.S. Supreme Court ruled that the tippee could not be held liable under the federal securities laws—for the simple reason that the insider from whom he received the information was not releasing the information for an improper purpose (a personal benefit), but rather for the purpose of exposing the fraud. The Supreme Court ruled that the tippee could not have been aiding and abetting a securities law violation committed by the insider—for the simple reason that no securities law violation had been committed by the insider.

In Dirks, the Supreme Court also defined the concept of "constructive insiders," who are lawyers, investment bankers and others who receive confidential information from a corporation while providing services to the corporation. Constructive insiders are also liable for insider trading violations if the corporation expects the information to remain confidential, since they acquire the fiduciary duties of the true insider.

The next expansion of insider trading liability came in SEC vs. Materia[24] 745 F.2d 197 (2d Cir. 1984), the case which first introduced the misappropriation theory of liability for insider trading. Materia, a financial printing firm proofreader, and clearly not an insider by any definition, was found to have determined the identity of takeover targets based on proofreading tender offer documents during his employment. After a two-week trial, the district court found him liable for insider trading, and the Second Circuit Court of Appeals affirmed holding that the theft of information from an employer, and the use of that information to purchase or sell securities in another entity, constituted a fraud in connection with the purchase or sale of a securities. The misappropriation theory of insider trading was born, and liability further expanded to encompass a larger group of outsiders.

In United States v. Carpenter[25] (1986) the U.S. Supreme Court cited an earlier ruling while unanimously upholding mail and wire fraud convictions for a defendant who received his information from a journalist rather than from the company itself. The journalist R. Foster Winans was also convicted, on the grounds that he had misappropriated information belonging to his employer, the Wall Street Journal. In that widely publicized case, Winans traded in advance of "Heard on the Street" columns appearing in the Journal.[26]

The Court stated in Carpenter: "It is well established, as a general proposition, that a person who acquires special knowledge or information by virtue of a confidential or fiduciary relationship with another is not free to exploit that knowledge or information for his own personal benefit but must account to his principal for any profits derived therefrom."

However, in upholding the securities fraud (insider trading) convictions, the justices were evenly split.

In 1997, the U.S. Supreme Court adopted the misappropriation theory of insider trading in United States v. O'Hagan,[27] 521 U.S. 642, 655 (1997). O'Hagan was a partner in a law firm representing Grand Metropolitan, while it was considering a tender offer for Pillsbury Company. O'Hagan used this inside information by buying call options on Pillsbury stock, resulting in profits of over $4.3 million. O'Hagan claimed that neither he nor his firm owed a fiduciary duty to Pillsbury, so he did not commit fraud by purchasing Pillsbury options.[28]

The Court rejected O'Hagan's arguments and upheld his conviction.

The "misappropriation theory" holds that a person commits fraud "in connection with" a securities transaction and thereby violates 10(b) and Rule 10b-5, when he misappropriates confidential information for securities trading purposes, in breach of a duty owed to the source of the information. Under this theory, a fiduciary's undisclosed, self-serving use of a principal's information to purchase or sell securities, in breach of a duty of loyalty and confidentiality, defrauds the principal of the exclusive use of the information. In lieu of premising liability on a fiduciary relationship between company insider and purchaser or seller of the company's stock, the misappropriation theory premises liability on a fiduciary-turned-trader's deception of those who entrusted him with access to confidential information.

The Court specifically recognized that a corporation's information is its property: "A company's confidential information ... qualifies as property to which the company has a right of exclusive use. The undisclosed misappropriation of such information in violation of a fiduciary duty ... constitutes fraud akin to embezzlement – the fraudulent appropriation to one's own use of the money or goods entrusted to one's care by another."

In 2000, the SEC enacted SEC Rule 10b5-1, which defined trading "on the basis of" inside information as any time a person trades while aware of material nonpublic information. It is no longer a defense for one to say that one would have made the trade anyway. The rule also created an affirmative defense for pre-planned trades.

In 2014, in the case of United States v. Newman, the United States Court of Appeals for the Second Circuit cited the Supreme Court's decision in Dirks, and ruled that in order for a "tippee" (a person who has received insider information from an insider and has used that information) to be guilty of insider trading, the tippee must have been aware not only that the information was insider information, but must also have been aware that the insider released the information for an improper purpose (such as a personal benefit). The Court concluded that the insider's breach of a fiduciary duty not to release confidential information—in the absence of an improper purpose on the part of the insider—is not enough for criminal liability to be imposed on the either the insider or the tippee.[6]

In 2016, in the case of Salman v. United States, the U.S. Supreme Court held that the benefit a tipper has to receive as predicate for an insider-trader prosecution of a tippee need not be pecuniary, and that giving a 'gift' of a tip to a family member is presumptively an act for the personal though intangible benefit of the tipper.[12]
« Last Edit: 04. January 2018, 14:53:22 by fox »
I'm not sure yet if this will also include processor firmware though.
Even though modern processors do have some programmable part built into them, the exploits used rely on instruction sets deeply implemented in the processor, and these are usually not changeable after production.
Maybe they could implement new instructions. But that would bring a whole other set of problems with itself since you would need to change all the software (or the used compiler, to be more accurate) to use the new instructions instead of the old ones. And that's not gonna happen.
I don't see much Intel could do at this point.

I've read into this a bit now. Mainly just reading Project Zero Blogpost posted by fox.
So the exploit called Spectre, yeah Intel fucked up that one.
About Meltdown, yeaaaah I don't really know who to blame. On one hand you can have security measures built into the processor, which AMD did. On the other hand it should really have been handled by the OS in the first place. A processor is still just a thing which computes things and in that aspect its main task is not to focus on such things, on the other hand it can be implemented on the processor, so yeah, I don't know.
About Meltdown, yeaaaah I don't really know who to blame. On one hand you can have security measures built into the processor, which AMD did. On the other hand it should really have been handled by the OS in the first place. A processor is still just a thing which computes things and in that aspect its main task is not to focus on such things, on the other hand it can be implemented on the processor, so yeah, I don't know.
I think that's a general problem that applies in other areas too (like nanny state vs. citizen freedom). Things start to get messy when roles and duties are muddled. To a degree that's unavoidable and makes a lot of sense, but in my opinion companies like Intel started to blur the lines excessively with things like the ME, TPMs and whatnot. They are actively trying to create an illusion of improved security and taking over duties that formerly belonged to the software side of things in one area while leaving the other (while the next company does it the other way around...). Of course, MS, Apple and co. are to blame for that too and actively contributed to these developments. I feel that in the process, they repeatedly shoot themselves and the users in the foot. So yeah, back at square one - I don't know who to blame either. All of them, I guess.

Nameless Voice

Sounds like selling your stocks because you have non-public knowledge (about a vulnerability) that you know is going to make the stock value plummet is very much illegal - and it looks like a lot of people at Intel did just that.
Yes, it does sound like it to me too but I wouldn't be too surprised if they found some loophole. I'll keep an eye on this story.

voodoo47

well, if you know that the stocks will go down significantly, then the risk of maybe having to pay fines is one worth taking.
Only if the judges let you keep the profits from illegal sales (which is unlikely*). But that leads me to the question whether merely selling shares at the normal price before some event happens counts as profiting from it. I could imagine that this is treated very differently from actually making a profit by speculating on declining stock prices and the like.

*
(...)penalties for illegal insider trading as high as three times the amount of profit gained or loss avoided from the illegal trading.
« Last Edit: 04. January 2018, 20:28:03 by fox »

Nameless Voice

Trading with non-public knowledge is trading with non-public knowledge, though.

There's really only two ways you can benefit from that - selling them in advance of something that will bring their price down, and buying them in advance of something that will bring their price up.

This is very clearly the first one.

The stock value doesn't seem to have dropped that much yet, though, and it's still worth significantly more than it was back in June.
This is all very fuzzy to me. I mean, where do they draw the line? "Trading with non-public knowledge" happens every day to some extent, as long as people can trade stock of the same company they work for.

Btw, you can also bet on falling stock prices (called put-option warrants), and there are other, less direct ways (e.g. financial futures) to make profit with insider knowledge. But yes, there's no indication that any of these Intel managers did something like that or made actual direct profit for themselves. I guess lawyers could argue that keeping things under wraps until the damage could be reduced to a minimum (aka the planned disclosure on January 9th) was in the best interest of everybody. However, they did get themselves a very unfair advantage over everybody else holding Intel shares (in case things go really south) by getting rid of their own stock in the meantime. I guess you'd have to be a lawyer to accurately assess the legal situation. I have a feeling that this could be a grey area unless they actively tried to gain profit on the side via unpublicized trades in relation to their insider knowledge.

Edit: The more I read about it, the more it seems simply illegal.
http://www.eurogamer.net/articles/2016-12-10-ubisoft-executives-fined-1-2m-for-alleged-insider-trading
http://www.washingtonpost.com/wp-dyn/content/article/2007/04/19/AR2007041902738.html
https://www.sec.gov/news/press-release/2014-77
https://www.sec.gov/news/press-release/2013-254
https://www.sec.gov/news/press-release/2013-193
https://www.sec.gov/news/press-release/2013-2013-100htm
https://www.sec.gov/news/press-release/2012-2012-141htm
https://www.sec.gov/news/press/2010/2010-209.htm

Heh, just watched the local mainstream news and they actually thematized Brian Krzanich's selling of company stock. Looks like this is going to be 'a thing'!
« Last Edit: 05. January 2018, 00:20:43 by fox »
"Intel CEO had knowledge of chip vulnerabilities before selling off almost all of his company stock"
The activity brings a whole new meaning to the slogan 'Intel Inside'
Not really new though.

-------

Apparently there are attempts to harden browsers against some of the possible threats. heise.de: "Browser-Hersteller reagieren auf Meltdown und Spectre" (browser makers respond to Meltdown and Spectre)

for Chrome:
How to Configure
There are two ways to enable Site Isolation: isolating all sites, or isolating a list of certain sites.
1) Isolating All Sites
This mode is easier to enable and ensures that all websites are put into dedicated processes that are not shared with other sites.  It can be enabled in any of the following ways:

    Visit chrome://flags#enable-site-per-process, click Enable, and restart.  (See also: help center article.)

    Or, use command line flags to start Chrome with --site-per-process.

    Or, use an Enterprise Policy to enable SitePerProcess within your organization.


2) Isolating Certain Sites
This mode allows you to provide a list of specific origins that will be given dedicated processes, rather than isolating all sites.  The main advantage to this mode is that it typically uses less memory than isolating all sites.  If using this approach, we recommend including any site that you log into on the list.  (Note that subdomains are included, so listing https://google.com will also protect https://mail.google.com.)  This mode can be enabled in either of the following ways:

    Use command line flags to start Chrome with --isolate-origins followed by a comma-separated list of origins to isolate.  For example:
    --isolate-origins=https://google.com,https://youtube.com
    Be careful not to include effective top-level domains (e.g., https://co.uk or https://appspot.com; see the full list at https://publicsuffix.org), which will be ignored.

    Or, use an Enterprise Policy to enable IsolateOrigins within your organization.

Both "Isolating All Sites" and "Isolating Certain Sites" work on Chrome for Windows, Mac, Linux, and ChromeOS.  "Isolating All Sites" also works on Chrome for Android, but only via chrome://flags#enable-site-per-process.
Disabling
If you encounter problems when Site Isolation is enabled, you can try turning it off by undoing the steps above, to see if the problem goes away.

Note that some issues may be resolved by turning off just the document blocking feature, which leaves some of the protections from process isolation in place.  To try this, start Chrome with the following command line flag:
--disable-features=CrossSiteDocumentBlockingIfIsolating

We encourage you to file bugs if you do encounter problems when using Site Isolation by visiting https://new.crbug.com, describing the problem, and mentioning that you are using Site Isolation.

Recommendations for Web Developers
Site Isolation can help protect sensitive documents on your website, but only if Chrome can distinguish them from other resources which any site is allowed to request (e.g., images, scripts, etc.).  Chrome currently tries to identify URLs that contain HTML, XML, and JSON files, based on MIME type and other HTTP headers.  The guidelines below can help you ensure that sensitive information on your website will be protected by Site Isolation.

Chrome should be able to effectively protect URLs that have both a protected MIME type and a "nosniff" header.  More specifically, the HTTP response for the URL should be labeled with one of these MIME types in the "Content-Type" HTTP response header:

    text/html
    text/xml
    application/xml
    application/rss+xml
    application/json
    text/json
    text/x-json
    text/plain

The HTTP response should also have a "X-Content-Type-Options: nosniff" HTTP response header, which ensures that the protection will not depend on what the contents of the file look like.

Note that we recommend not supporting multipart range requests for sensitive documents, because this changes the MIME type to multipart/byteranges and makes it harder for Chrome to protect.

In addition to the recommended cases above, Chrome will also do its best to protect responses labeled with any of the MIME types above and without a "nosniff" header, but this has limitations.  Many JavaScript files on the web are unfortunately labeled using some of these MIME types, and if Chrome blocked access to them, existing websites would break.  Thus, when the "nosniff" header is not present, Chrome first looks at the start of the file to try to confirm whether it is HTML, XML, or JSON, before deciding to protect it.  If it cannot confirm this, it allows the response to be received by the cross-site page's process.  This is a best-effort approach which adds some limited protection while preserving compatibility with existing sites.  We recommend that web developers include the "nosniff" header to avoid relying on this approach.
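To make the decision rules in the quoted guidance concrete, here is an added Python model of them; it is an illustration written for this thread, not Chromium's own implementation (which has more cases than this). The function names `decide` and `audit_response` and the sample responses are constructed for the example.

```python
from typing import Dict, List, Tuple

# MIME types that the Chrome guidance quoted above lists as eligible for
# document blocking (the "protected" types).
PROTECTED_MIME_TYPES = {
    "text/html", "text/xml", "application/xml", "application/rss+xml",
    "application/json", "text/json", "text/x-json", "text/plain",
}
_HTML_PREFIXES = (b"<!doctype html", b"<html", b"<head", b"<body", b"<!--")
_XML_PREFIXES = (b"<?xml",)
_JSON_PREFIXES = (b"{", b"[")


def _normalize(headers: Dict[str, str]) -> Dict[str, str]:
    """Header names are case-insensitive; compare on lower-cased names."""
    return {name.lower(): value for name, value in headers.items()}


def media_type(headers: Dict[str, str]) -> str:
    """Media type from Content-Type, lower-cased, with parameters stripped."""
    value = _normalize(headers).get("content-type", "")
    return value.split(";", 1)[0].strip().lower()


def has_nosniff(headers: Dict[str, str]) -> bool:
    value = _normalize(headers).get("x-content-type-options", "")
    return value.strip().lower() == "nosniff"


def body_looks_like_document(body: bytes, mime: str) -> bool:
    """Best-effort confirmation that the body starts like HTML, XML or JSON.

    Only the leading bytes are inspected, so a JavaScript file that a site
    mislabels as text/html normally does not match and stays readable by the
    cross-site page: the compatibility trade-off the guidance describes.
    """
    head = body[:1024].lstrip(b" \t\r\n\f\v").lower()
    candidates: List[Tuple[bytes, ...]] = []
    if mime in ("text/html", "text/plain"):
        candidates.append(_HTML_PREFIXES)
    if mime in ("text/xml", "application/xml", "application/rss+xml", "text/plain"):
        candidates.append(_XML_PREFIXES)
    if mime in ("application/json", "text/json", "text/x-json", "text/plain"):
        candidates.append(_JSON_PREFIXES)
    return any(head.startswith(prefixes) for prefixes in candidates)


def decide(headers: Dict[str, str], body: bytes) -> Tuple[str, str]:
    """Return ("blocked" | "allowed", reason) for a cross-site response."""
    mime = media_type(headers)
    if mime == "multipart/byteranges":
        return "allowed", "multipart range response changes the MIME type; not protected"
    if mime not in PROTECTED_MIME_TYPES:
        return "allowed", f"{mime or '<no Content-Type>'} is not a protected type"
    if has_nosniff(headers):
        return "blocked", "protected type with nosniff: blocked without looking at the body"
    if body_looks_like_document(body, mime):
        return "blocked", "protected type without nosniff, but body confirmed by sniffing"
    return "allowed", "protected type without nosniff and body not confirmed: compatibility fallback"


def audit_response(headers: Dict[str, str]) -> List[str]:
    """Findings a web developer can act on when the response is a sensitive document."""
    findings = []
    mime = media_type(headers)
    if mime == "multipart/byteranges":
        findings.append("disable multipart range requests for sensitive documents")
    elif mime not in PROTECTED_MIME_TYPES:
        findings.append(f"Content-Type {mime or '<missing>'} is not a protected type; serve one of the listed types")
    if not has_nosniff(headers):
        findings.append("add X-Content-Type-Options: nosniff so protection does not depend on sniffing")
    return findings


# Constructed sample responses (not captured from any real site).
SAMPLES = {
    "account_json": ({"Content-Type": "application/json; charset=utf-8",
                      "X-Content-Type-Options": "nosniff"}, b'{"balance": 1200}'),
    "html_page": ({"Content-Type": "text/html"}, b"\n<!DOCTYPE html><html><body>secret</body></html>"),
    "mislabelled_js": ({"Content-Type": "text/html"}, b"function init() { return 1; }"),
    "range_reply": ({"Content-Type": "multipart/byteranges; boundary=b1",
                     "X-Content-Type-Options": "nosniff"}, b"--b1\r\nContent-Type: text/html\r\n"),
    "logo": ({"Content-Type": "image/png"}, b"\x89PNG\r\n\x1a\n"),
}

if __name__ == "__main__":
    for name, (hdrs, body) in SAMPLES.items():
        verdict, reason = decide(hdrs, body)
        print(f"{name:15s} {verdict:8s} {reason}")
        for finding in audit_response(hdrs):
            print(f"{'':15s}  -> {finding}")
```

Running it shows the two outcomes the guidance contrasts: the JSON response with `nosniff` is blocked before the body is even inspected, while the HTML page without `nosniff` is only blocked because its first bytes look like HTML, and the mislabelled script slips through. `audit_response` is the check to run against your own sensitive endpoints.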

Mozilla released a patch and explains:
Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs.  Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins.  The full extent of this class of attack is still under investigation and we are working with security researchers and other browser vendors to fully understand the threat and fixes.  Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox.  This includes both explicit sources, like performance.now(), and implicit sources that allow building high-resolution timers, viz., SharedArrayBuffer.

Specifically, in all release channels, starting with 57:

    The resolution of performance.now() will be reduced to 20µs.
    The SharedArrayBuffer feature is being disabled by default.

Furthermore, other timing sources and time-fuzzing techniques are being worked on.

In the longer term, we have started experimenting with techniques to remove the information leak closer to the source, instead of just hiding the leak by disabling timers.  This project requires time to understand, implement and test, but might allow us to consider reenabling SharedArrayBuffer and the other high-resolution timers as these features provide important capabilities to the Web platform.

Update [January 4, 2018]: We have released Firefox 57.0.4 which includes the two timing based mitigations described above.


Linus Torvalds says (in regard to Intel's initial statement):
I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you shit
forever and ever, and never fixing anything"?

Because if that's the case, maybe we should start looking towards the
ARM64 people more.

Please talk to management. Because I really see exactly two possibilities:

 - Intel never intends to fix anything

OR

 - these workarounds should have a way to disable them.

Which of the two is it?

A new heise.de article offers a (relatively) easy to understand analysis of the technical background and the gravity of the problem:
"Analyse zur Prozessorlücke: Meltdown und Spectre sind ein Security-Supergau"
« Last Edit: 05. January 2018, 21:28:44 by fox »
67446dcdd0f5f
Afaik, this list is not definitive yet. The ones on the list are guaranteed to be affected but I've read somewhere that it's likely to go even further back. Pretty sure they already added some platforms since the last time I looked at it yesterday.
« Last Edit: 05. January 2018, 23:43:35 by fox »
67446dcdd10ad
The further you go back, the more likely it gets to find the same or similar exploits. In the past it was even more up to the OS to handle all the security stuff. So you will at one point get to the working-as-intended (and this time for real) processors which don't have any safety features whatsoever built into them.
67446dcdd1207
I might be wrong here but piecing together what I learned so far, in terms of Intel and PCs, it could stop at the P6 architecture (created in 1995). I think so because that was the first x86 processor generation that featured speculative execution and out-of-order completion.

------

Guardian: "Intel facing class-action lawsuits over Meltdown and Spectre bugs"
« Last Edit: 06. January 2018, 12:56:56 by fox »
67446dcdd13a7
Meltdown exploits a basic design principle which can be found in any processor. In their newest processors AMD just happen to have built some safety features around it. But if you go back in time and check all the processors it wouldn't make much sense to check for this kind of exploit as there are way easier methods available.
Spectre on the other hand is a bug which is tied to the processor architecture design and not tied to speculative execution. It just happened to be that one instruction isn't executed the way it should be. Now if that bug hasn't been copied again and again since 1995 and actually was newly designed at some point, then any processor before that shouldn't have it. And it's hard to believe that it would be copied over that many times; usually you need to redesign it with a new pipeline architecture.

If you want to learn how a processor architecture works I recommend "Computer Organization and Design" by Patterson and Hennessy. Like every technical book it has its flaws here and there, but in general it's easy to understand.