[ home ] [ pony / rp / canterlot / rules ] [ arch ]

/pony/ - Pony

Ponies and General Posting
Name
Email
Subject
Comment
File
Flags  
Embed
Password (For file deletion.)

[Return][Go to bottom]

 No.946540

File: 1557969290639.png (275.21 KB, 1080x1080, 1:1, 1522065211264.png) ImgOps Google

>mfw speculative execution is behind yet another vulnerability                                                                                 

 No.946562

File: 1557976341554.jpeg (30.63 KB, 700x976, 175:244, D39Fs_cUEAAR3oQ.jpeg) ImgOps Google

The kinds of attacks we see nowadays are truly spectacular. I understand how it works and yet I still can't wrap my head around these kinds of side channel attacks. Really very fascination stuff.

 No.946564

File: 1557976828497.jpg (19.32 KB, 289x296, 289:296, Awww Flutter.jpg) ImgOps Exif Google

...what does this mean? is it big trouble?

 No.946590

Was any of that English?

 No.946600

File: 1557979481240.png (19.61 KB, 318x395, 318:395, Oh no! A disturbance!.png) ImgOps Google

>>946590

No, I think he's speaking in Hacker.

 No.946616

File: 1557980456243.jpg (91.82 KB, 640x896, 5:7, 1430594723378.jpg) ImgOps Exif Google

>>946564
Suppose that you have two websites open in your browser, a friendly website and a malicious website.  The malicious website's JavaScript is not supposed to be able to read sensitive data that you enter into the friendly website.  But it turns out that the malicious code can time how long it takes the CPU to do certain operations, and this timing can reveal your sensitive data.  It is a slow and noisy channel, but it really can be exploited in practice.  Recent versions of Chrome and Firefox have mitigations against this.  But for extra sensitive information (e.g., Bitcoin private keys), it's still best to power-cycle your machine (and perhaps even leave it powered off for a few seconds to let your DRAM charges dissipate) before visiting any potentially hostile websites.

For cloud hosting where you share the same physical resources as a potentially hostile client -- well, you're well and truly fucked, especially considering that there are probably additional yet-to-be-discovered vulnerabilities of this type.  Physical isolation is the only way to go to really secure your sensitive data.

>>946590
Retpoline thunks!

 No.946683

File: 1557983058520.png (976.12 KB, 1280x720, 16:9, 1490416352212.png) ImgOps Google

>>946562
I wonder how long it will take for Intel and AMD to fix the underlying hardware vulnerabilities.  It seems like a difficult fix without degrading performance a lot.

 No.946684

>>946616
Chain's having a stroke! Someone stuff their wallet in his mouth!

 No.946691

File: 1557983495983.png (80.95 KB, 484x327, 484:327, 133411698921.png) ImgOps Google

>>946616
Gee... But that sounds like such a primitive technique. Surely the information a hacker gets from that could only be the most cursory, vague information?

 No.946700

>>946691
IIRC, they had a proof-of-concept that was able to read out credit-card numbers in under a minute of attacking.  Each individual microarchitectural leak is very noisy, but if you combine thousands of them, you can read arbitrary bytes of the application's memory with very high confidence.

 No.946720

File: 1557986731911.jpg (46.55 KB, 640x508, 160:127, tumblr_mtoyhbLMUR1rwbtdpo1….jpg) ImgOps Exif Google

>>946616
>Physical isolation is the only way to go to really secure your sensitive data.

I'm retreating to the mountains to hide in a cave.  Wish me luck.

 No.946728

>>946720
This, but unironically.
I'm going to buy myself an old quarry, build a bunch of concrete bunkers inside, and bury the whole thing.

 No.946838

File: 1558060653880.png (8.92 KB, 240x200, 6:5, cowe-such-milk.png) ImgOps Google

>>946728
Would you keep any livestock?

 No.946844

File: 1558061168753.png (648.84 KB, 1280x720, 16:9, Silverstream 81.png) ImgOps Google

>>946728
Find an old mine and reinforce a few tunnels. Just don't get lost inside like the meth heads did a couple months back.

 No.946909

File: 1558067523233.jpg (164.62 KB, 1355x1961, 1355:1961, DZOhrD3U8AEVfa3.jpg large.jpg) ImgOps Exif Google

>>946838
Definitely some chickens. Eggs fresh are always amazing.

 No.946977

>>946844
The problem with mines is that things tend to be long and narrow.
Quarries are just flat holes in the ground, already. Makes them a tad easier for planning things out, I think.
Bonus points for being able to build upwards.

Mines do get bonus points for already being underground, meaning it's a fair ways cheaper, though.
But, that's also a slight bit of the problem. Already underground makes proper, full supports, a tad more difficult.
Caveins are likely to be an inevitability.

 No.947212

I'm all for hardware security features.

But they also sometimes piss me off. All the designers come up with their own weird solutions.


[]
[Return] [Go to top]
[ home ] [ pony / rp / canterlot / rules ] [ arch ]