This week in computer security - Page 12 - RPGWatch Forums

December 22nd, 2017, 21:57
According to this article in German, https://www.heise.de/security/meldun…r-3926842.html, hackers managed to send a ransom Trojan via police mails.
The article points towards this document as its source: http://www.documentcloud.org/documen…Affidavit.html
The article also says that those hackers have already been arrested.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Alrik Fassbauer
#221

December 23rd, 2017, 01:12
Are police mails just forgery of emails or something different ?
-
read article. Vaguely that sounds like old news. The software for this stuff is really lame and easy to hack (from what I remember reading - what's that conference they have with the hackers). In fact they demonstrated that you could hack even 'secure' voting systems in under 20 minutes with no prior knowledge of the system. Some of it is just using windows known exploits and some of it is the lameity of how these systems are secure and lack of secure transport layers.
you
#222

January 4th, 2018, 00:27
Intel has a major security flaw, and the fix looks pretty ugly.

http://www.bbc.com/news/technology-42553818

EDIT: A separate flaw also affects AMD and ARM.

https://www.reuters.com/article/us-c…-idUSKBN1ES1BO
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Last edited by Ripper; January 4th, 2018 at 00:46.
Ripper
#223

January 4th, 2018, 12:49
@Ripper - bad stuff all around… Interesting to see that AMD has another security issue: the glee expressed by some AMD supporters was quite disgusting. The general view was that AMD was immune to security issues and superior in every way etc etc. The word hubris springs to mind :-)
booboo
#224

January 4th, 2018, 15:16
Well there are two different flaws. The 'amd' flaw, from my reading, sounds less like a chip flaw and software running on amd processor flaw so I will give them a pass here. Also this 'flaw' is very difficult to utilize so on first reading success rate via hackers will be low (success is obtaining sensitive information once a virus is installed). The first flaw is much more serious and is a hardware level bug. Shame on intel.

[I run intel processors not amd].

Originally Posted by booboo View Post
@Ripper - bad stuff all around… Interesting to see that AMD has another security issue: the glee expressed by some AMD supporters was quite disgusting. The general view was that AMD was immune to security issues and superior in every way etc etc. The word hubris springs to mind :-)
you
#225

January 4th, 2018, 15:49
Both flaws are related, in that they potentially allow speculative operations on the CPU to be exploited. The Intel case is more serious, as it allows speculative operations access to kernel memory in a way which can bypass the security checks, which is very dangerous. The Spectre exploit that affects all major CPUs is similar, but only allows for more difficult attacks that may be less practical. There is a suggestion that speculative CPU operations may now be generally considered insecure in their current form, which would be a big problem.

The Intel exploit, being so nasty, requires a very heavy-handed fix on the OS, in which the efficient method of switching from kernel mode to user mode must be abandoned in favor of a more rigid and inefficient, but safer, technique. This will result in a performance penalty in some situations, which could be significant. Hopefully, because games are largely user mode tasks, any impact will be minimal.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Last edited by Ripper; January 4th, 2018 at 16:05.
Ripper
#226

January 4th, 2018, 16:42
Exactly what you said in the last sentence.
Gamers shouldn't care about these vulnerabilities at all.
--
Toka Koka
joxer
#227

January 4th, 2018, 19:20
That's what they are saying, but I'm going to wait and see before applying the patch. If I hear about major slow downs in games or just everyday computing, I will not get the patch.
--
"Let Justice Be Done, Though The Heavens Fall"

To check out my games library, and see what recent games I'm playing, visit my steam profile! -- http://steamcommunity.com/profiles/76561197982351404
Arkadia7
#228

January 4th, 2018, 20:05
I think it'll be hard to avoid the patch - I expect MS will force it as a mandatory update to the kernel. I've heard, though, that there will be an option to boot into insecure mode, which will be vulnerable, but faster.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Ripper
#229

January 5th, 2018, 05:29
They are only related in that they potentially allow access to sensitive information outside of the program address space. They are - from a technical perspective - that is how they obtain this information - unrelated.

Originally Posted by Ripper View Post
Both flaws are related, in that they potentially allow speculative operations on the CPU to be exploited. The Intel case is more serious, as it allows speculative operations access to kernel memory in a way which can bypass the security checks, which is very dangerous. The Spectre exploit that affects all major CPUs is similar, but only allows for more difficult attacks that may be less practical. There is a suggestion that speculative CPU operations may now be generally considered insecure in their current form, which would be a big problem.

The Intel exploit, being so nasty, requires a very heavy-handed fix on the OS, in which the efficient method of switching from kernel mode to user mode must be abandoned in favor of a more rigid and inefficient, but safer, technique. This will result in a performance penalty in some situations, which could be significant. Hopefully, because games are largely user mode tasks, any impact will be minimal.
you
#230

January 5th, 2018, 13:59
Originally Posted by you View Post
They are only related in that they potentially allow access to sensitive information outside of the program address space. They are - from a technical perspective - that is how they obtain this information - unrelated.
I would say they are closely related, in that they are variants of essentially the same problem. Have a look at Google's own technical assessment.

https://googleprojectzero.blogspot.n…with-side.html

Both vulnerabilities are classified under a single article as "Reading privileged memory with a side-channel", and they go so far as to define Spectre as variants 1 and 2, and Meltdown as variant 3. Both vulnerabilities occur due to a lack of security in the speculative execution behavior of modern CPUs. I think it's fair to say they are related from a "technical perspective".
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Ripper
#231

January 5th, 2018, 15:50
Before any of these are possible, your PC needs to be compromised first. You need to (unknowingly) install something. Also it can read memory it does not have access to, but that memory does not necessarily have to contain any information that is usable. It could, but it all depends on what you do on your PC.
Obviously, a lot of people do not take security that seriously, I understand quite a number of people don’t even patch their OS, so it will definitely have its impact.

For PCs, the best solution would be for Intel to deliver processor chips where the issues are fixed, but they probably would like to sell their stock first.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos
#232

January 5th, 2018, 16:02
From what I've read, although Intel could improve their chips to protect against the Meltdown variant, getting rid of the wider class of Spectre vulnerabilities could be a much taller order, and require going back to the drawing board on some key aspects of current CPU design. Could take years.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Ripper
#233

January 6th, 2018, 02:09
Well this is nasty. Someone demonstrated how to use spectre security weakness via javascript….
you
#234

January 6th, 2018, 02:39
Nasty indeed. The browser manufacturers are scrambling to introduce measures that will block or make harder the javascript attacks, but this still leaves us in a very unsatisfactory and unsafe position. This relies upon the correctness of the browser - any bugs, flaws, or unknown attacks could still allow access to kernel memory of the system, and potentially escalate privilege to own the system.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Ripper
#235

January 6th, 2018, 04:43
Originally Posted by joxer View Post
Exactly what you said in the last sentence.
Gamers shouldn't care about these vulnerabilities at all.
Yeah - well, in a direct sense anyway, I don't think this is any more terrible than any of the 100 latest virusi that popped up. I guess BOINC may run slower after the patch but no big deal there.

Indirect issues are another matter… like my electric company giving away my bank account info because the supposedly secure cloud service they use to process it gives it away to an abusive process running at the same time.

Fortnite is doing an upgrade to fix the issue: http://www.pcgamer.com/fortnite-serv…eltdown-patch/
--
The very powerful and the very stupid have one thing in common: instead of altering their views to fit the facts, they alter the facts to fit their views….
-- Doctor Who in "Face of Evil"
Last edited by Zloth; January 7th, 2018 at 04:35. Reason: Additional Link
Zloth
#236

January 10th, 2018, 04:51
XKCD 'explanation' of the new issue.

https://xkcd.com/1938/
--
How about all games have a single huge lootbox you pay for up front that contains all the options, items, skins, unlocks etc? I'd pay for that!!
Wisdom
#237

January 10th, 2018, 13:51
Microsoft reports that older hardware (haswell and earlier) will see significant slowdown (esp under versions of windows older than windows 10).
https://www.engadget.com/2018/01/09/…rformance-hit/
you
#238

January 10th, 2018, 14:12
Originally Posted by you View Post
Microsoft reports that older hardware (haswell and earlier) will see significant slowdown (esp under versions of windows older than windows 10).
https://www.engadget.com/2018/01/09/…rformance-hit/
Yes, it's not good. In Linux land, where things are more open, there's been a lot of benchmarking with the new patches on various workloads. There seem to be three main patches: KPTI - which enforces stricter and slower segregation of kernel and user memory for Meltdown, Retpoline - which frustrates some variants of Spectre, and the microkernel updates. Taken together, the impact is pretty heavy in some scenarios, and degrades general performance to some degree.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Ripper
#239
Mentioned: 110 Post(s)
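
Added example, not part of any post in this thread: on Linux kernels that expose `/sys/devices/system/cpu/vulnerabilities` (4.15 and later, plus distribution backports), the state of the KPTI and retpoline mitigations mentioned in the post above can be read per vulnerability. The status strings written by `make_sample` are constructed sample data, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: summarise Meltdown/Spectre mitigation state from Linux sysfs.

# classify STATUS -> prints ok, vulnerable or unknown
classify() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                  echo vulnerable ;;
        *)                              echo unknown ;;
    esac
}

# report [DIR] -> one line per entry: "<name> <verdict> <raw status>"
# Returns 0 if every entry is ok, 1 if any is not, 2 if DIR is missing.
report() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    if [ ! -d "$dir" ]; then
        echo "none unknown $dir not present"
        return 2
    fi
    bad=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        verdict=$(classify "$status")
        [ "$verdict" = ok ] || bad=1
        echo "$(basename "$f") $verdict $status"
    done
    return "$bad"
}

# make_sample DIR -> writes constructed status files (not from a real host)
make_sample() {
    printf '%s\n' 'Mitigation: PTI' > "$1/meltdown"
    printf '%s\n' 'Vulnerable' > "$1/spectre_v1"
    printf '%s\n' 'Mitigation: Full generic retpoline' > "$1/spectre_v2"
}

# Demo on the constructed sample; call `report` with no argument on a real host.
sample=$(mktemp -d)
make_sample "$sample"
report "$sample" || true
rm -rf "$sample"
```

A non-zero exit status from `report` makes it usable as a fleet health check: 1 means at least one entry is not mitigated, 2 means the kernel predates the sysfs interface.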


January 11th, 2018, 08:48
Yep, if you are like me and many others who are holding onto windows 7 come hell or high water, this "fix" hits those systems hard. No way in hell am I downloading this patch.

Not only that, but there are reports that the patch itself is causing blue screens and microsoft had to remove it just to fix the patch. This is just one more reason why I hate the new versions of windows, because it is all about auto-patching and microsoft took the control away from the user. I always have the windows update to notify me only, and then I decide whether to get the patches, just in case microsoft releases crap like this.

The patch is called "2018-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4056894)" for those who want to avoid it.
--
"Let Justice Be Done, Though The Heavens Fall"

To check out my games library, and see what recent games I'm playing, visit my steam profile! -- http://steamcommunity.com/profiles/76561197982351404
Arkadia7
#240