[CRTech] Christian Radio Tech [MSG 81660]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
Re: CPU security vulnerability
To: CRTech <crtech@crtech.org>
Subject: Re: CPU security vulnerability
From: Alan Kilgore <wrvm.engineer@gmail.com>
Date: Mon, 08 Jan 2018 14:16:02 -0600
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:from:date:to:subject:in-reply-to:references:mime-version; bh=nOwjNzR13vEJyZzDKh2a5ljjET1AKXDx5AUgkphPyn0=; b=QUz/Nb+HrWa3oHwtiYkD9AanPNUTsFA3z5eJwUEbbFQBKvQt6lpHcaly29ZYYss+Fz vGjLuUwcDpjjZ4JoXuKxhXvh+PENvMIXQ4vv0CeEVV41trlnK7sDvPwpaBa8FbsdkvuI 0Jdpii1mqZ1MowFDweivIy4E9zTioFGuHbdSWMJpdwcqZoqjh1WTsV3J2Ps+4PXkWgOp nUtNnShPyy1BFOv0wVVVvpQNPjB5n8PioFVIXK73pcI+RCIxqupl9CMWVs9xmRJxnlDN 4qXdJ6eCBnzYr0FqFb1E+pJRb9R+qEGIjF3CgSonnXKV4aOpt/4QdjvKw3yJUvc7Wt71 K+xQ==
In-reply-to: <35A293AF-9639-4517-8D15-5866D70CE0D6@paravelsystems.com>
References: <CAOkhgWoMjjwszWXySMMGr=B=tDwe7xi2JHMBw0LsArEhLawk+A@mail.gmail.com> <CAOkhgWqy2to-JUQuJg=a0b5Djyg2YXBBJxKiCCzk1MD1RoEThg@mail.gmail.com> <2B4D9BC7-CD59-4B3B-8B7E-AEF3ADA2FB41@paravelsystems.com> <39BDB4B5A083864B9802AFB66985BC07C146DF@KSGN-DC.KSGNNET.local> <35A293AF-9639-4517-8D15-5866D70CE0D6@paravelsystems.com>
This all sounds to me more and more like revealing a blueprint for new computer hacks which will challenge hackers to compete for becoming the first to successfully exploit computers in this manner.

I sure hope that I'm wrong about that.

I certainly agree that our protective measures need to be updated.
____________________________________
Alan Kilgore, CPBE
WRVM Chief Engineer

At 01:45 PM 1/8/2018, you wrote:
On Jan 8, 2018, at 13:20, Jon Foreman <Jon@ksgn.com> wrote:

<snip>

I'm finding that the more I learn about these vulnerabilities, the less I'm inclined to blame the chipmakers. These really are exotic phenomena that take rely on strange side-effects of doing certain uncommon things in the code (hence the "side-chain attack" moniker in the formal names of the vulnerabilities). It's rather amazing that the researchers were able to make this work even in the lab. It's entirely possible (although not guaranteed of course) that a practical "real world" exploit may turn out to be impossible.

Follow-Ups: Re: CPU security vulnerability
(Willie Barnett <wbradiolists@gmail.com>, 8 Jan 2018 20:25:15 -0000)
References: CPU security vulnerability
(Willie Barnett <wbradiolists@gmail.com>, 8 Jan 2018 15:33:48 -0000)
Re: CPU security vulnerability
(Willie Barnett <wbradiolists@gmail.com>, 8 Jan 2018 17:18:04 -0000)
Re: CPU security vulnerability
(Fred Gleason <fredg@paravelsystems.com>, 8 Jan 2018 17:40:10 -0000)
RE: CPU security vulnerability
(Jon Foreman <Jon@ksgn.com>, 8 Jan 2018 18:20:57 -0000)
Re: CPU security vulnerability
(Fred Gleason <fredg@paravelsystems.com>, 8 Jan 2018 19:45:45 -0000)
Prev by date: RE: Translator IDs
(Ben Barber, 8 Jan 2018 20:04:53 -0000)
Next by date: Re: CPU security vulnerability
(Willie Barnett, 8 Jan 2018 20:25:15 -0000)
Prev by thread: Re: CPU security vulnerability
(Fred Gleason, 8 Jan 2018 19:45:45 -0000)
Next by thread: Re: CPU security vulnerability
(Willie Barnett, 8 Jan 2018 20:25:15 -0000)
CRTech.org