hahahanoobs
Posts: 5,223 +3,075
I got the jist of it just fine.
AMD admits that Zen 3 CPUs are vulnerable to a new Spectre-style attack
- Thread starter mongeese
- Start date
ZedRM
Posts: 1,804 +1,207
Again, that understanding is flawed. That "example" is little more than a concept of how a Spectre exploit MIGHT work. The catch with that example is that it only works within the browser instance and then only under certain conditions. It can not be made to access data outside the browser memory space and then only within a certain memory space inside that memory stack. Change browsers and things are different. The front page of that site states this clearly. That code example can NOT be used to acquire any data that would be useful, nor can it be altered to do so. It is not a valid example of a working exploit, nor is it a "proof of concept". There is no functional merit present there.
The whitepaper says no such thing.
That's not how Spectre might work, that is how Spectre works. It works without admin rights like it should. Like I said before, admin rights will help Spectre to extract data from other processes too. But Spectre functionality remains same: for reason it stays within process memory space it does not need admin rights.
So Spectre does work without admin rights, although severity is limited but it will still work. Meltdown does not work at all without admin rights.
Whitepaper does not say any reason why Spectre would need admin rights to work.
I can't believe it still lives anywhere honestly. It has been a long time since any Windows 10 built-in AV has not been considered an excellent alternative. And best of all we don't need to worry about it digging its roots so far in our computers and choking them off since it's seamless.
Of course that performance impact is negligible. You could see from the stratosphere that it's a deliberate flaw. As soon as AMD became popular, they had to introduce the same security hole as Intel had.
Just think of it, during normal execution a memory address is compared to the table of pages available to the process, and this is almost instant. Now, why not use the identical pure-hardware mechanism for speculative address check? Explanation: "because it's too slow". LOL. If it was so slow it would slow down normal program execution. It's the same freaking hardware module. It's almost instant.
On top of that, the speculative and out-of-order instruction execution has more time, since nothing yet depends on it. And sometimes the entire calculation is thrown away in the end, depending on the actual program flow. Which means, even less impact on the performance.
The only reason they want people to keep using memory access without a proper check is to keep the security hole open.
Just think of it, during normal execution a memory address is compared to the table of pages available to the process, and this is almost instant. Now, why not use the identical pure-hardware mechanism for speculative address check? Explanation: "because it's too slow". LOL. If it was so slow it would slow down normal program execution. It's the same freaking hardware module. It's almost instant.
On top of that, the speculative and out-of-order instruction execution has more time, since nothing yet depends on it. And sometimes the entire calculation is thrown away in the end, depending on the actual program flow. Which means, even less impact on the performance.
The only reason they want people to keep using memory access without a proper check is to keep the security hole open.
Similar threads
Latest posts
-
Ford is losing boatloads of money on every electric vehicle sold- Superconductor replied
-
Police arrest high school athletic director for deepfaking principal's voice
- Cal Jeffrey replied
