[FRIAM] Meltdown & Spectre

Alfredo Covaleda Vélez alfredo at covaleda.co
Sat Jan 6 08:50:55 EST 2018 

https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/

On Thu, Jan 4, 2018 at 11:23 PM, Marcus Daniels <marcus at snoutfarm.com>
wrote:

> Hah.  That’s pretty much the end.
> The out-of-order-execution machinery has a (poker) ‘give’ that can be
> exploited.
> Of course it could.  Probably has been in use for years.  Wow.
>
>
>
> Sent from my iPhone
>
> On Jan 4, 2018, at 7:03 PM, Gillian Densmore <gil.densmore at gmail.com>
> wrote:
>
> I don't pretend to have some of the tech reading skills to have followed
> that article well. Is what it saying is Intell CPU's are bad about making
> sure it has enough extra hands hands to  make sure they can do something
> before doing so. And that basically it's possible to basically make a smart
> are program that tells your computers brain it can do something and not to
> bother checking, no really don't bother  if it can do something
>
> Question: How realisticly likely (or do able) is that? and isn't that
> quite a bit like many of the jerk  fake websites wich spam Chrome/Chromium
>  browsers  trolling scripts that say: your computer has a bug a bajillion
> times so as the browers goes kaboom? On windows 10 almost all of them try
> to look like a fake patch or flash update or something and make an obnoxous
> beep or alert type of sound "your computer is infected! call MS tech
> Support  " If that's oddly specific I have run into that. particular one.
> Their's probably others like it.
>
> So if I read this right: a Meltdown/Spectre style aholery tells your
> computer a whoper of a story. Realy fast in the hopes, of burning through
> more brain power than it has? Didn't we have this in the 80's and 90's?
> Something like a DDOS and Ping of Doom and other similler issues?  Didn't
> they fix that after Anonymous found out how to crash the whole Sony Network
> just bey changing their clocks?(and doing the same to Battlenet/D) many
> years ago? I know they crashed battle.net using a fake patch that
> basically told a whoper to blizzards (then) only clock, such that when
> people updated to a fake patch it kept doing so (9999999 times a second
> because the clock was lied to)
>
> I don't know what was more impressive that they could make a fake patch,
> [and users didn't know it was fake including me]Or that no one at blizzard
> or activision checked , or that patch bassically sat in 2billion peoples
> cache for almost 3 months
>
> Please correct me if I'm wrong. Spectre/Meltdown look to be in the same
> vane.but (possible) able to reak much more havoc.
>
> The technique of lying to the computers memory is strangely similler how
> some game bots work. Is that for speed? or just a limitation of processors?
> if you know. I am genuinely curius^_^
>
> et.worldofwarcraft.wikia.com/wiki/Warden_(software)
>
> <https://www.google.com/search?source=hp&ei=zNlOWtDLKqrAjwSvvaDICA&q=wow+game+bots+warden&oq=wow+game+bots+warden&gs_l=psy-ab.3..33i22i29i30k1.405.7040.0.7446.21.20.0.0.0.0.128.1941.13j7.20.0....0...1.1.64.psy-ab..1.18.1791.0..0j35i39k1j0i131k1j0i20i264k1j0i131i20i264k1j0i20i264i46k1j46i20i264k1j0i22i30k1j33i160k1.0.bv_7I0k1L_0#>
>
>    1.
>    <http://webcache.googleusercontent.com/search?q=cache:Vm9K23B41ZAJ:et.worldofwarcraft.wikia.com/wiki/Warden_(software)+&cd=1&hl=en&ct=clnk&gl=us>
>    2.
>    <https://www.google.com/search?q=related:et.worldofwarcraft.wikia.com/wiki/Warden_(software)+wow+game+bots+warden&tbo=1&sa=X&ved=0ahUKEwiQ9Nva2r_YAhXWqYMKHYd1Dp0QHwgtMAA>
>
>
> For example on the legit side:Warden (WarCrafts memory and saftey system)
> helps tell legit bots (called mobs and NPC's)  what to do. It's possible to
> mis-lead Warden in a simillar way as spectre, Some scripting stunts (cache
> from LUA for example)
>
> can at  ask Warden what it's thinging about (IF ha ha haha the Warden+LuA
> key chained API  hahahahah hasn't changed a running joke for LUA
> enthusiasts because it will  )
>
> On the good side that meens realy bad ass things like tweaking textures or
> how some stuff to just your computer looks, or adding nice quality of life
> things.
>
> However some people use that to cheat well beyond what the company allows
> and I can't help but wonder if iSpectre/Meltdown use simillar tricks just
> because the way it looks to work to me is very simillar to  how some game
> bots and Mobs work.
>
>
>
> On Thu, Jan 4, 2018 at 5:10 PM, cody dooderson <d00d3rs0n at gmail.com>
> wrote:
>
>> Does anyone know if the Ethereum cryptocurrency is affected by these
>> bugs? I think it has some sort of distributed scripting based on
>> javascript.
>>
>> Cody Smith
>>
>> On Thu, Jan 4, 2018 at 3:26 PM, glen ep ropella <gepr at tempusdictum.com>
>> wrote:
>>
>>> I'm sure you're all already aware... But just in case:
>>>
>>> Reading privileged memory with a side-channel
>>> https://googleprojectzero.blogspot.com/2018/01/reading-privi
>>> leged-memory-with-side.html
>>>
>>> --
>>> glen
>>>
>>>
>>> ============================================================
>>> FRIAM Applied Complexity Group listserv
>>> Meets Fridays 9a-11:30 at cafe at St. John's College
>>> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
>>> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>>>
>>
>>
>> ============================================================
>> FRIAM Applied Complexity Group listserv
>> Meets Fridays 9a-11:30 at cafe at St. John's College
>> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
>> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20180106/02c4d07c/attachment.html>

More information about the Friam mailing list