Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Security

Reply
 
Thread Tools Display Modes
Old 27. Mar 2018, 09:08 PM   #1 (permalink)
Senior Member
 
Join Date: Aug 2012
Posts: 192
Exclamation Yet another weakness in CPU branch prediction demonstrated on several Intel CPUs

In this "new" flaw, called BranchScope:

"an attacker primes the PHT and running branch instructions so that the PHT will always assume a particular branch is taken or not taken. The victim code then runs and makes a branch, which is potentially disturbing the PHT. The attacker then runs more branch instructions of its own to detect that disturbance to the PHT; the attacker knows that some branches should be predicted in a particular direction and tests to see if the victim's code has changed that prediction.".

https://arstechnica.com/gadgets/2018...ction-attacks/

The researchers aren't sure how widespread BranchScope will be, but just like with Spectre, it still requires the attacker to be able to execute code on the victim's computer. As many specialists have said, it could take months or even years to fully discover and patch the bugs associated with speculative execution.
IO.Hazard is offline   Reply With Quote
Old 28. Mar 2018, 05:36 PM   #2 (permalink)
Senior Member
 
Join Date: May 2010
Posts: 555
Default

Surely allowing someone access to your machine to run the code is a bigger worry!!
Burn-IT is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 01:33 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.