hate these ads?, log in or register to hide them
Page 50 of 51 FirstFirst ... 404748495051 LastLast
Results 981 to 1,000 of 1018

Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #981
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,645
    It's repeatedly stated that RDMA isn't the crux of the issue.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  2. #982
    Donor erichkknaar's Avatar
    Join Date
    April 10, 2011
    Posts
    13,936
    effectively recommends turning off either DDIO or RDMA in untrusted networks.
    Thanks, captain obvious.
    meh

  3. #983

    Join Date
    April 14, 2011
    Posts
    7,311
    Quote Originally Posted by Daneel Trevize View Post
    It's repeatedly stated that RDMA isn't the crux of the issue.
    RDMA is literally the crux of the issue. It's a cache timing attack done over RDMA. The only distinguishing feature of this attack versus every other cache timing attack (and there are many) is that it's executed by RDMA (or "over the network" if you want to buy into the authors' sensationalism).

    Well, there's the fact that they've chosen to attack interactive input, but that's because this mode of attack would be fucking useless against anything of actual use to an attacker.

    "Lads, we've compromised the RDMA interface, what should we do?"
    "Sit there and inject gigabytes per second of carefully crafted cache noise until someone who matches our typing analysis model types in something sensitive interactively!"
    "Genius!"

    It is hard to stress how insignificant this attack is. By my reckoning it comes out as a CVSSv3 2.6 - that does not even rank as a vulnerability for most organisations.

    The fact that they've decided to release a fully branded attack via the press release to the media before publishing an actual vulnerability record should tell you everything you need to know about these gloryhunting charlatans.

  4. #984
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    10,737
    Finally fixed the issue preventing my old Win7 system from getting security updates: Microsoft switched over to signing updates with SHA-2, but the update that allowed Windows to read SHA-2-signed updates didn't install correctly... Installed it manually, now have mitigations for my Ivy Bridge system.

    The performance loss is horrible, but at least I'm safer.
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  5. #985
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,741
    Safer from what exactly? I don't mean to sound daft, but what are the chances you'll be targeted by Meltdown stuff? I mean idk, depends on what you're doing on your computer as well, I gave up on doing payments or transactions on my Windows PC a long time ago - using phone and Mac, both patched to date. Losing performance for 95% of the tasks doing on your PC sounds just daft.
    Guns make the news, science doesn't.

  6. #986
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,645
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Daneel Trevize View Post
    It's repeatedly stated that RDMA isn't the crux of the issue.
    RDMA is literally the crux of the issue.
    The researchers devised NetCAT after reverse-engineering DDIO and finding that last-level caches were sharing data across CPUs and peripherals
    The researchers used rapid delivery provided by RDMA to simplify the attack, but it's not a strict requirement, and future attacks may not need it at all.
    In short, the root cause of the vulnerability boils down to Intel's DDIO feature enabling the (last-level) CPU cache to be shared with arbitrary peripherals such as network cards. This dramatically extends the attack surface of traditional cache side-channel attacks, which are normally mounted on a local setting (say from a VM to another in the cloud), exposing servers to cache side-channel disclosure from untrusted clients over the network. Using RDMA (for convenience), we have demonstrated the vulnerability can be exploited in real-world settings to leak sensitive information (e.g., keystrokes from an SSH session).
    RDMA was for the keystroke timing attack, as it is easy to publicise. DDIO is flawed and more attacks will be developed.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  7. #987

    Join Date
    April 14, 2011
    Posts
    7,311
    Except without RDMA the cache is only open to local devices, making the attack vector absolutely worthless in practice. If someone's got your network adapters owned to leverage ddio they can already do a damned sight more than maybe sniff the occasional password through an impractical cache timing attack.

  8. #988
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    10,737
    Quote Originally Posted by elmicker View Post
    Except without RDMA the cache is only open to local devices, making the attack vector absolutely worthless in practice. If someone's got your network adapters owned to leverage ddio they can already do a damned sight more than maybe sniff the occasional password through an impractical cache timing attack.
    And if someone remotely compromises a local device?
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  9. #989
    Keckers's Avatar
    Join Date
    July 31, 2012
    Posts
    19,788
    What if someone steals my debit card and rinses my bank account with wireless payments?
    Quote Originally Posted by Paul Mason
    It is absurd that we are capable of witnessing a 40,000 year old system of gender oppression begin to dissolve before our eyes yet still see the abolition of a 200 year old economic system as an unrealistic utopia.

  10. #990
    Donor erichkknaar's Avatar
    Join Date
    April 10, 2011
    Posts
    13,936
    Quote Originally Posted by Keckers View Post
    What if someone steals my debit card and rinses my bank account with wireless payments?
    Better hope you have enough money in other accounts to make your bank go "sure, no problem" and reverse all the charges.
    meh

  11. #991
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    10,737
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  12. #992
    Donor erichkknaar's Avatar
    Join Date
    April 10, 2011
    Posts
    13,936
    Last pass is fucking terrible. Their "service" crashed on me the first time I tested the master password retrieval.
    meh

  13. #993
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,741
    This is hilarious https://arstechnica.com/information-...-kaspersky-av/


    Sent from my iPhone using Tapatalk
    Guns make the news, science doesn't.

  14. #994
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    10,737
    New scam.

      Spoiler:
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  15. #995

    Join Date
    May 31, 2011
    Posts
    4,836
    Quote Originally Posted by Cosmin View Post
    Remember when the U.S. banned Kaspersky from being used in its administration back in 2017, accusing them of spying on the U.S. on behalf of the FSB, because KAV turned up some classified CIA (or FBI, don't remember) documents?

    Same happened there: contractor took secret files home. Then used a (virus-ladden) key generator for a MS Office installation, which in turn infected the secret Office documents he opened. And as he agreed to participated at the KSN*) (=automatically upload suspicious files to Kaspersky for further investigation), the secret documents ended up in Kaspersky's possession.

    Full story

    *) And that's not a hidden feature one has to hunt down to turn off. It is a prominent and separate step during the installation, to which one needs to agree.

  16. #996
    Donor Spaztick's Avatar
    Join Date
    April 10, 2011
    Location
    No Longer up High Sierra's Ass
    Posts
    10,177


    Turns out NordVPN had a breach and everything is bad.

  17. #997
    Keckers's Avatar
    Join Date
    July 31, 2012
    Posts
    19,788
    So what vpn is probably not terrible?
    Quote Originally Posted by Paul Mason
    It is absurd that we are capable of witnessing a 40,000 year old system of gender oppression begin to dissolve before our eyes yet still see the abolition of a 200 year old economic system as an unrealistic utopia.

  18. #998
    Mashie Saldana's Avatar
    Join Date
    April 10, 2011
    Location
    Peterborough, UK
    Posts
    1,101
    Quote Originally Posted by Keckers View Post
    So what vpn is probably not terrible?
    I have used Private Internet Access for the past 2 years.

    They are the largest ones out there and whenever some government is starting to demand logging of their users they stop operating in that country (such as South Korea).
    How to tell the difference between Machine Learning and AI:
    If it is written in Python it is most likely Machine Learning.
    If it is written in PowerPoint it is most likely AI.

  19. #999

    Join Date
    April 14, 2011
    Posts
    7,311
    Quote Originally Posted by Mashie Saldana View Post
    they stop operating in that country (such as South Korea).
    I'd take this with a grain of salt. If your objective is to hide your activities from your local government, a publicly run VPN is not the way to go about things. The VPN operator might think they're all nice and safe with their warrant canaries and their promise (honest!) to keep absolutely no logs, but frankly a legitimate authority can work around those things in about five minutes.

  20. #1000
    Donor Spaztick's Avatar
    Join Date
    April 10, 2011
    Location
    No Longer up High Sierra's Ass
    Posts
    10,177
    I would expect a government agency with determination to find a way to get into a VPN service and get encryption keys, planting employees (because corporate espionage is legal when the government does it), or just get a warrant to break into a server farm and seize the hardware.

    I think the video above illustrates the fundamental problem with VPNs, you can't really audit their services properly because of the scope of and nature of a VPN provider. Who's going to fly out security auditors around the world to check a VPN server farm?

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •