Register    Login    Search    Articles & downloads     Who We Are    Donate    Jaylach Free Sites

Board index » Technical Forums » Security




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post Posted: Tue Mar 27, 2018 7:15 pm 
Offline
welcoming committee
User avatar

Joined: Sun Mar 04, 2018 5:26 pm
Posts: 54
Location: Upstate NY
Here we go again. :(

Intel CPUs Vulnerable to New 'BranchScope' Attack | SecurityWeek.Com
Quote:
Researchers have discovered a new side-channel attack method that can be launched against devices with Intel processors, and the patches released in response to the Spectre and Meltdown vulnerabilities might not prevent these types of attacks.

The new attack, dubbed BranchScope, has been identified and demonstrated by a team of researchers from the College of William & Mary, University of California Riverside, Carnegie Mellon University in Qatar, and Binghamton University.

Similar to Meltdown and Spectre, BranchScope can be exploited by an attacker to obtain potentially sensitive information they normally would not be able to access directly. The attacker needs to have access to the targeted system and they must be able to execute arbitrary code.


More at the source.

_________________
Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.


Top 
 Profile  
Reply with quote  
 Post Posted: Wed Mar 28, 2018 9:47 am 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Yawn!!. Did you read the article. For most individual users this is a big so what. For the exploit to be run you have to have access to the actual computer, AND you have to run special code. Think about it!


Top 
 Profile  
Reply with quote  
 Post Posted: Wed Mar 28, 2018 12:28 pm 
Offline
Moderator
User avatar

Joined: Thu Apr 05, 2012 3:25 pm
Posts: 1916
Location: Pembrokeshire, South Wales, UK
The quote Corrine posted did say it needed access to the actual machine and that you needed to be able to run code, so I'd assume she did read the article, I've not known her to post anything that she thought unimportant.

_________________
Joan Archer
http://crossstitcher.webs.com
Image


Top 
 Profile  
Reply with quote  
 Post Posted: Thu Mar 29, 2018 3:58 am 
Offline
Resident Geekazoid Administrator
User avatar

Joined: Wed Mar 21, 2012 5:09 am
Posts: 9438
Location: The state of confusion; I just use Wyoming for mail.
I say this tongue in cheep but I DO tend to like AMP processors. Not only are they cheaper for the buck but are a lesser target for these types of attacks. :mrgreen:

Thank you for the info Corrine. :)

_________________
Image
Free sites from jaylach.com
I NEVER forget... I just remember late.


Top 
 Profile  
Reply with quote  
 Post Posted: Thu Mar 29, 2018 8:59 am 
Offline
Moderator
User avatar

Joined: Thu Apr 05, 2012 3:25 pm
Posts: 1916
Location: Pembrokeshire, South Wales, UK
jaylach wrote:
I say this tongue in cheep but I DO tend to like AMP processors. Not only are they cheaper for the buck but are a lesser target for these types of attacks. :mrgreen:

Thank you for the info Corrine. :)

After most of the machines I've had have been Intel this new HP I've got is AMD, not sure what the latest version is but mine is AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G 3GHz. ;)

_________________
Joan Archer
http://crossstitcher.webs.com
Image


Top 
 Profile  
Reply with quote  
 Post Posted: Thu Mar 29, 2018 11:46 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Well the funny (or not so funny ) part about all this is there have been quiet a few patches put for all this stuff, and in some cases the patches have caused more problems.

Unless you are totally reckless with your computers and what you open you really don't need to worry about it.

It's kind of like the horrible exploits you read about. One good example is Powershell. Microsoft has blessed us all with the gem. I've studied this beast and what it comes down to is if someone can get a power shell script on your system and run it they own you, and no security software will help. BUT...to get it on your system you have to do something very foolish with your email or open a speadsheet and allow a macro, you are totally safe.


Top 
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  [ 6 posts ] 

Board index » Technical Forums » Security


Who is online

Registered users: No registered users

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:

Similar topics


Jump to: