[FRIAM] Meltdown & Spectre

Gillian Densmore gil.densmore at gmail.com
Thu Jan 4 21:03:30 EST 2018 

I don't pretend to have some of the tech reading skills to have followed
that article well. Is what it saying is Intell CPU's are bad about making
sure it has enough extra hands hands to  make sure they can do something
before doing so. And that basically it's possible to basically make a smart
are program that tells your computers brain it can do something and not to
bother checking, no really don't bother  if it can do something

Question: How realisticly likely (or do able) is that? and isn't that quite
a bit like many of the jerk  fake websites wich spam Chrome/Chromium
 browsers  trolling scripts that say: your computer has a bug a bajillion
times so as the browers goes kaboom? On windows 10 almost all of them try
to look like a fake patch or flash update or something and make an obnoxous
beep or alert type of sound "your computer is infected! call MS tech
Support  " If that's oddly specific I have run into that. particular one.
Their's probably others like it.

So if I read this right: a Meltdown/Spectre style aholery tells your
computer a whoper of a story. Realy fast in the hopes, of burning through
more brain power than it has? Didn't we have this in the 80's and 90's?
Something like a DDOS and Ping of Doom and other similler issues?  Didn't
they fix that after Anonymous found out how to crash the whole Sony Network
just bey changing their clocks?(and doing the same to Battlenet/D) many
years ago? I know they crashed battle.net using a fake patch that basically
told a whoper to blizzards (then) only clock, such that when people updated
to a fake patch it kept doing so (9999999 times a second because the clock
was lied to)

I don't know what was more impressive that they could make a fake patch,
[and users didn't know it was fake including me]Or that no one at blizzard
or activision checked , or that patch bassically sat in 2billion peoples
cache for almost 3 months

Please correct me if I'm wrong. Spectre/Meltdown look to be in the same
vane.but (possible) able to reak much more havoc.

The technique of lying to the computers memory is strangely similler how
some game bots work. Is that for speed? or just a limitation of processors?
if you know. I am genuinely curius^_^

et.worldofwarcraft.wikia.com/wiki/Warden_(software)
<https://www.google.com/search?source=hp&ei=zNlOWtDLKqrAjwSvvaDICA&q=wow+game+bots+warden&oq=wow+game+bots+warden&gs_l=psy-ab.3..33i22i29i30k1.405.7040.0.7446.21.20.0.0.0.0.128.1941.13j7.20.0....0...1.1.64.psy-ab..1.18.1791.0..0j35i39k1j0i131k1j0i20i264k1j0i131i20i264k1j0i20i264i46k1j46i20i264k1j0i22i30k1j33i160k1.0.bv_7I0k1L_0#>

   1.
   <http://webcache.googleusercontent.com/search?q=cache:Vm9K23B41ZAJ:et.worldofwarcraft.wikia.com/wiki/Warden_(software)+&cd=1&hl=en&ct=clnk&gl=us>
   2.
   <https://www.google.com/search?q=related:et.worldofwarcraft.wikia.com/wiki/Warden_(software)+wow+game+bots+warden&tbo=1&sa=X&ved=0ahUKEwiQ9Nva2r_YAhXWqYMKHYd1Dp0QHwgtMAA>


For example on the legit side:Warden (WarCrafts memory and saftey system)
helps tell legit bots (called mobs and NPC's)  what to do. It's possible to
mis-lead Warden in a simillar way as spectre, Some scripting stunts (cache
from LUA for example)

can at  ask Warden what it's thinging about (IF ha ha haha the Warden+LuA
key chained API  hahahahah hasn't changed a running joke for LUA
enthusiasts because it will  )

On the good side that meens realy bad ass things like tweaking textures or
how some stuff to just your computer looks, or adding nice quality of life
things.

However some people use that to cheat well beyond what the company allows
and I can't help but wonder if iSpectre/Meltdown use simillar tricks just
because the way it looks to work to me is very simillar to  how some game
bots and Mobs work.



On Thu, Jan 4, 2018 at 5:10 PM, cody dooderson <d00d3rs0n at gmail.com> wrote:

> Does anyone know if the Ethereum cryptocurrency is affected by these bugs?
> I think it has some sort of distributed scripting based on javascript.
>
> Cody Smith
>
> On Thu, Jan 4, 2018 at 3:26 PM, glen ep ropella <gepr at tempusdictum.com>
> wrote:
>
>> I'm sure you're all already aware... But just in case:
>>
>> Reading privileged memory with a side-channel
>> https://googleprojectzero.blogspot.com/2018/01/reading-privi
>> leged-memory-with-side.html
>>
>> --
>> glen
>>
>>
>> ============================================================
>> FRIAM Applied Complexity Group listserv
>> Meets Fridays 9a-11:30 at cafe at St. John's College
>> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
>> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>>
>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20180104/c0898f0b/attachment.html>

More information about the Friam mailing list