• Google’s JavaScript team: Spectre mitigation doomed to failure

    • This topic has 18 replies, 11 voices, and was last updated 6 years ago by anonymous.

    #846430

    That isn’t exactly what they said, but it’s pretty close. Here’s what they do say: A year with Spectre… When it was shown that JavaScript could be u
    [See the full post at: Google’s JavaScript team: Spectre mitigation doomed to failure]

    6 users thanked author for this post.
    • #848238

      I have tried contacting several of the AV companies about my solution to detect any and all Meltdown and Spectre attacks, since such attacks require zero malware techniques**.

      ** Zero malware techniques in terms of implementation, yet not zero in terms of potential delivery methods to a target computer.

      None of them responded since I was not willing to disclose my detection methods. Does anyone here work for an AV company who might see the value of being able to detect any variant of Meltdown, Spectre, BranchScope and Side Channel attacks, no matter what, such that until an attack is detected then all OS and BIOS mitigations can remain disabled for maximum CPU performance, and without allowing any confidential data to escape from a computer? Needless to say, Intel and motherboard manufacturers would not be happy if this could be done, since all want to sell newer hardware. It is what it is.

       

      • #848742

        None of them responded since I was not willing to disclose my detection methods.

        In all fairness, that’s kind of like trying to sell a “guaranteed alchemy device” to a chain of jewelry stores without offering proof of functionality.

        Spin up a server on a cloud platform, deploy your technology on it, and invite those same folks to try to side-channel their way in. Send them logs of their detected attempts, then collect your rewards.

      • #883906

        AV companies hear that pitch many times a day.

        You might as well be trying a cheap pick-up line on a pretty girl…. she’s heard them all already and is bored.

    • #848323

      So, according to the V8 experts, Spectre is one of those things that hang over our heads, but it is unclear what risk, if any, they present to us below and, as no one can do much in practice about them anyway, we are probably better off if we shrug them off and go on with our everyday lives. If they are right, then their advice is as good as it can be.

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      2 users thanked author for this post.
      • #851807

        I get the sneaky-pete feeling if and when Meltdown or Spectre is exploited it will be from a Nation-State entity that has the resources to do such. They will not just exploit it, but hang the albatross around an innocent bystander’s neck, then slip back into the darkness. Then again some person sitting in Mom’s basement in a bathrobe might beat them to it and be caught because they left a trail even a weak link could follow.

        If they could dumb the language down enough it would make a so~so cyber-spy novel.
        Mission Impossible XII? Hackers IV? Who am I kidding, movie rights are probably being negotiated as I type this.

        3 users thanked author for this post.
    • #851295

      Wonder if Intel has fixed all Spectre and Meltdown mitigations in its new 9th-gen CPUs announced today.

      • #851997

        Wonder if Intel has fixed all Spectre and Meltdown mitigations in its new 9th-gen CPUs announced today.

        From what I read here, Ice fails in that respect.
        https://www.digitaltrends.com/computing/intel-ice-lake-wont-rid-spectre/

        4 users thanked author for this post.
        • #854888

          Bluetrix,

          I excerpt below a few paragraphs from the article you gave a link to, and that I think make the case that, as you think, this is more likely to be something to be exploited by national cyber military organizations against other nations’ critical infrastructures, rather than against users like us.

          There are already other ways to get to individual users and small businesses, known to be effective enough, so launching such a sophisticated attack against any such user may not be worth the bother.

          This may change when there is an actual attack, most likely from one nation against another. Then chip makers and software developers will get motivated to put security above raw processing speed as a defining consideration. Until then, I suspect that being faster than the competition will get in the way of plugging this vulnerability in an effective way.

          The problem is that these fixes don’t go far enough. As far as Kocher [a security expert quoted in this article] sees it, Intel has no concrete plan for fixing Spectre variant one. The only proposed solution that he’s caught wind of pushes the problem onto software developers and asks them to input what’s known as an “LFENCE” command within an application every time there’s an “if” statement within its coding.”
          “Worse still, Kocher believes that there is little in the future of CPU chip design at a variety of companies which will ward off these kind of speculative bugs. His view of the future sees many manufacturers using lots of speculative optimizations to further enhance performance, which leaves them vulnerable to these sorts of attacks.”
          The only silver lining to all this is that for the average person, Spectre and its fellow branch misdirection exploits are the least of our security worries. There are far easier ways for nefarious hackers to infiltrate systems. Malware and social engineering have been successful attack vectors for decades and that seems unlikely to change any time soon.

          Spectre and its contemporaries will likely remain a looming apparition over the CPU industry for years to come, and it’s something that bears remembering it exists. But if you want to improve your chances of avoiding being hacked, there are certainly more things to worry about than any potential fixes Ice Lake might bring to the table.

          1 user thanked author for this post.
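The pattern the quoted article describes (an LFENCE placed after a bounds-checking "if"), as an added C example that is not part of the original post or the article. The function names are hypothetical, and the branchless index mask is a different technique, included only for comparison with the fence.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__SSE2__)
#include <emmintrin.h>                 /* _mm_lfence() */
#define SPEC_BARRIER() _mm_lfence()
#else  /* assumption: non-x86 build; this is only a compiler barrier */
#define SPEC_BARRIER() __asm__ __volatile__("" ::: "memory")
#endif

/* Bounds check followed by LFENCE: the load cannot start until the
 * comparison has resolved, so a mispredicted branch reads nothing. */
int read_fenced(const uint8_t *tbl, size_t len, size_t idx, uint8_t *out)
{
    if (idx >= len)
        return -1;
    SPEC_BARRIER();
    *out = tbl[idx];
    return 0;
}

/* All-ones when idx < len, zero otherwise, computed without a branch.
 * Valid for len up to SIZE_MAX/2. */
static size_t index_mask(size_t idx, size_t len)
{
    size_t top = (idx | (len - 1 - idx)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return (size_t)0 - (top ^ 1);
}

/* Alternative without a fence: clamp the index so that even a
 * mispredicted path can only touch tbl[0]. */
int read_masked(const uint8_t *tbl, size_t len, size_t idx, uint8_t *out)
{
    if (idx >= len)
        return -1;
    idx &= index_mask(idx, len);
    *out = tbl[idx];
    return 0;
}

int main(void)
{
    const uint8_t table[4] = {10, 20, 30, 40};  /* constructed sample data */
    uint8_t v = 0;
    printf("fenced idx 2 -> %d\n", read_fenced(table, 4, 2, &v));
    printf("fenced idx 9 -> %d\n", read_fenced(table, 4, 9, &v));
    printf("masked idx 9 -> %d\n", read_masked(table, 4, 9, &v));
    return 0;
}
```

The fence serializes every guarded load, which is the per-"if" cost the excerpt objects to; the mask costs a few arithmetic instructions but has to be applied by hand at each array access.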
          • #857236

            “The only silver lining to all this is that for the average person, Spectre and its fellow branch misdirection exploits are the least of our security worries.”

            Correct me if I am wrong, but didn’t the breach of passwords and financial information from large databases affect the “average” person? It seems to me this is where the little person falls between the cracks. Just because it is a conglomerate that most likely will be a target doesn’t mean we the ants won’t be affected, and for more reasons than I care to type.
            I’m responding to your posted excerpt, not you personally. It doesn’t matter that my examples weren’t Spectre or Meltdown related, in the future it’s possible they may be responsible.

            3 users thanked author for this post.
            • #860270

              Bluetrix,

              Sorry that I was not clear enough: I was referring as unlikely only to direct attacks against you, me and the guy next door and his small business. An attack on critical infrastructures, on the other hand, whether they belong to the government (military bases, water purification stations, traffic lights…) or are privately run (nuclear power stations, large telecoms, social networks, data vaults, …), that can badly affect the whole nation, or a good portion of it, can, of course, also affect us small-timers.

              We are not going to be immune to the effects of such attacks; just not likely to be targeted individually for them. Which is already something good enough to feel at least a little better about, I think.

              Recent events show that we might have reason to be concerned personally about, for example, personal data breaches in Facebook (even if we don’t have Facebook accounts, but other people that know us have put up our pictures, addresses, etc. in theirs).

              2 users thanked author for this post.
            • #860695

              I got your point Oscar, I was adding my spin to it. 🙂

              2 users thanked author for this post.
            • #892626

              To me it all underlines the kind of toolboxes that are (becoming) available for high-level compromising computerized networks…. From Stuxnet invading nuclear plants in Iran to ordinary database breaches. The whistleblowers will be followed by many to come, I fear.

              * _ ... _ *
              1 user thanked author for this post.
    • #854463

      I felt like the solutions were cobbled together and rushed out and caused more issues than the Spectre/Meltdown threats that had yet materialized. So overhyped in so many ways that it was hard to tell the truth from the headline grabbers. Other than some flaky firmware releases I felt it was a non event.

    • #854520

      Do the new processors have this fixed in hardware now (without the performance hits and the need for a BIOS fix)?

      • #854769

        The newer processors do not have Meltdown/Spectre mitigation built in yet.

    • #868992

      Maybe the Chrome/V8 team should have an easy to access JavaScript kill switch just in case Spectre and fiends become serious trouble.

    • #893025

      Maybe the Chrome/V8 team should have an easy to access JavaScript kill switch just in case Spectre and fiends become serious trouble.

      5G networks compromised by ? …

      * _ ... _ *
    • #911561

      I wouldn’t be surprised if, in future, we start to see new processors on the market with speculative execution disabled altogether. Although significantly slower, they could be advertised as “more secure”.
