'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'other security issues & news' started by Minimalist, Jan 2, 2018.

  1. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    WBD, I am not using InSpectre - please advise: should I manually set these keys FeatureSettingsOverride and FeatureSettingsOverrideMask to '1' (with a reboot in between) to disable Spectre mitigation?
     
  2. guest

    guest Guest

    InSpectre Release #7 v0.0.6640.7 (March 8, 2018)
    Website
    What's New:
    InSpectre_#7_screenshot.png
     
  3. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Yes, this is correct. You can either do FeatureSettingsOverride '1' and FeatureSettingsOverrideMask to '1' or FeatureSettingsOverride '1' and FeatureSettingsOverrideMask to '3' and both seem to achieve the same effect of having Spectre mitigation disabled while still keeping the Meltdown mitigation enabled. Whereas FeatureSettingsOverride '3' and FeatureSettingsOverrideMask to '3' would disable both mitigations.

    InSpectre set mine to FeatureSettingsOverride '1' and FeatureSettingsOverrideMask to '3'. It's as if I've bought a brand new computer, performance wise. :thumb:
     
  4. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    HP has now released BIOS updates for two of my three HP laptops. The third one won't receive a BIOS update and none of my other laptops will.

    I'm hesitant to update, as I don't want to slow down my computers.
     
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Microsoft expands availability of Windows security updates to fix Spectre and Meltdown issues
    https://mspoweruser.com/microsoft-e...y-updates-to-fix-spectre-and-meltdown-issues/
     
  7. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    :thumb::D
     
  8. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    But no update for older 4th and 5th generation chips. Considering these systems are the ones least likely to be supported by the manufacturers I feel Microsoft have their release schedule back to front. Haswell microcode is showing as production code so why leave it out?
     
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Good to see MS are - at last - not playing silly with W7 & 8.1, although the updates are tardy (which might not in fact be a bad thing - let W10 users take the pain of debugging).

    It's still sloppy that there's no MS end user tools for checking status, configuring & updating against Intel guidance.
     
  10. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    It seems some Intel microcode updates can mislead OS kernels to think some CPUs are not vulnerable, while they are vulnerable. This may disable OS mitigations.

    https://marc.info/?l=openbsd-misc&m=152102745901174&w=2

     
    Last edited: Mar 14, 2018
  11. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Mitigating speculative execution side channel hardware vulnerabilities
    Link: https://blogs.technet.microsoft.com...cution-side-channel-hardware-vulnerabilities/

    There is a huge amount of technical info in this blog post and therefore I am still reading it at the moment. Good stuff from Matt Miller as always.


    EDIT: Related Microsoft bug bounties for Speculative Execution.

    Link: https://blogs.technet.microsoft.com/msrc/2018/03/14/speculative-execution-bounty-launch/

     
    Last edited: Mar 14, 2018
  12. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Chrome Extension Protects Against JavaScript-Based CPU Side-Channel Attacks
    https://www.bleepingcomputer.com/ne...st-javascript-based-cpu-side-channel-attacks/
     
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Last edited: Mar 17, 2018
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
    https://blog.trendmicro.com/trendla...ltdown-and-spectre-with-performance-counters/
     
  16. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,540
    Location:
    Triassic
  17. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,429
    Location:
    U.S.A.
     
  18. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    High setting

    Fix: chrome://flags/#silent-debugger-extension-api
    * switch that flag to Enabled and the debugging infobar goes away. :thumb:
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    The extension has an excessively intrusive behavior also by activating the flag proposed by WildByDesign.:thumb:

    99.jpg

    https://addoncrop.com/blog/disable-developer-mode-warning-google-chrome/
     
  20. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
    Meltdown, Spectre, and the Costs of Unchecked Innovation
     
  21. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,540
    Location:
    Triassic
    Thank you.

    @Sampei Nihira. Considering its purpose, I assumed it would be intrusive. It requires a close eye.
     
  22. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    @emmjay You're welcome. I tested this a bit more last night but the ChromeZero extension seemed to break too many sites on the higher levels. Also, my initial concern was that the extension's Github repo itself hadn't been updated in 7 months yet the OS and browsers have had important updates since that time related to JS timing and such. It's a good base code with potential but I think that it needs more development before widespread usage. Although of course it does have that disclaimer for non-production usage which is understandable.
     
  23. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    224
    Location:
    Canada
    Thanks for this!

    That gets rid of one annoyance I experienced. The other one I am getting is while using Hotmail. If I set the extension to Tin Foil Hat, I don't get annoying pop-ups, but the client won't display the body of emails. If I set the extension to anything below Tin Foil Hat (except for Off), I can see the body of emails, but I get a pop-up (seemingly from the Windows desktop) that says "Permission Request: Page wants to call window.addEventListener" with the options to Allow or Block. These pop-ups are generated every time I change directories, so, very frequently. Does anyone <cough>@WildByDesign<cough> know how to silence these? The only work-around I can figure out is to set the extension to Off for that tab and use it at higher levels for other tabs.

    BTW, Gmail does not generate any of these annoyances and seems to work fine so far at the Tin Foil Hat setting (which I have been defaulting to for all sites).
     
    Last edited: Mar 18, 2018
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    You're welcome, happy to help. But unfortunately I do not have the answer to this question. This is actually the same reason why I ended up removing the extension after a few hours of testing. It would be better if the developer added an option to silence certain messages or better yet, some type of whitelist so that you could whitelist specific permissions per site. Hopefully the recent media exposure will give those developers (or other open source devs) the incentive to keep going further with that extension since it does have a lot of potential as far as web security goes in general.
     
  25. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,540
    Location:
    Triassic
    I had the extension running all day, but there were too many requests to allow/deny stuff that I needed to research. It got annoying.
    Decided to set it to 'off' instead of removing it. I agree, it needs more work.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.