In A Meltdown And Spectre World Is Digital Privacy Truly Dead?

Discussion in 'privacy general' started by Minimalist, Jan 9, 2018.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    https://www.forbes.com/sites/kalevl...d-spectre-world-is-digital-privacy-truly-dead
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    No, as far as the small computer architecture and the resultant offspring from it go. There never was any and never will be any.
     
  3. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    I remember Dijkstra saying the PC had put computing back 25 years.

    He was optimistic, though he could emphatically say "I told you so".

    I think the mitigations of this debacle will evolve over time. For sure, in the short term, controlling JavaScript is a necessary protection. While improvements to JIT and browser mods may help, they are not going to be assured by any means.

    And, to put things in some kind of perspective, clients were always "terrifically weak". So there are many other threats which people will use that can take over control of the machine as opposed to "just" exfiltrating secrets, because the software is so full of holes.

    I think what has changed most, that's very significant, is regarding cloud computing - that any kind of multi-tenant arrangement may get compromised by this class of threat. I think the actors involved will need to be fairly sophisticated and targeted from what I could assess, and it's not clear how information could be taken in practice this way.

    FWIW, I disagree with the assessment regarding the TLA's knowledge of this. I would be fairly confident that they have invested in this class of attack and are well aware of it, although would not normally want to use it. But it's symptomatic of the damaging focus on attack over defence that's now left us all vulnerable, well downstream. I'd like the VEP to responsibly evaluate the huge costs of this form of vulnerability hiding.
     
  4. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    I don't do Forbes, but in the world as we know it I agree with you. Anybody who thinks the PTB have or will have our best interests at heart is dreaming. Intel, M$, FB, Google etc. are all part of it. If they weren't they would never (have been allowed to) have got this far. Saying "never will be" to some folks is tantamount to grand paranoia on an unprecedented scale. I call it seeing things as they are.
     
  5. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    As far as data held on an internet connected device is concerned, yes, privacy is dead.
    If you had a friendly acting neighbour and you trusted him with the keys to your house and then discovered he had ransacked the place, gone through all your personal and private things and made copies of all and any of your documents and paperwork and then sold them, would anyone say, that's OK, the neighbour has to make a profit?
    Well, that is exactly what the tech industry has done, they are all party to it in one way or another and we are supposed to say that's OK, they have to make a profit.
    Well, it's not OK.
    Some may not like what I said about them in my rant on that other thread, but that is how it is.
     
    Last edited: Jan 10, 2018
  6. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,172
    Location:
    Canada
    It was dead a long time ago.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    What's the impact on VMs? I mean, if you only use VMs for web browsing, email and so on, can code like Meltdown and Spectre get to the host CPU?

    If it can't, you can just compartmentalize in multiple VMs. And even if it can, you can compartmentalize in multiple hosts. So you just make sure that no particular compartment contains stuff that would be seriously problematic, even if it were all known by adversaries.
     
  8. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I would imagine so, you can virtualize a file system and some hardware but at the end of the day, the CPU is the real one.
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,885
    Location:
    Slovenia, EU
    "Well, the neighbor told you (whispered to you) that he was gonna do that before you gave him your keys (didn't you read the TOS?). Maybe you didn't understand when you gave him your keys, but that's your problem." - Something like that would be an answer from your "friendly acting neighbor" :)
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, the CPU is the CPU. But the code is running in the VM. And it has limited access to the CPU, I suspect. Or at least, would hope.

    Edit: It looks like one VBox VM isn't affected by Meltdown in another VM, as long as VT is used. But with Spectre, it's possible, albeit harder to implement.

    https://www.linuxglobal.com/meltdown-bug-affected-virtualization-technologies/
     
    Last edited: Jan 10, 2018
  11. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    I've been doing some digging on this one, for VMware at least, because there seems to be a deathly silence from VirtualBox last time I looked. As you might expect, VMware are fairly professional - partly because they've been doing AWS for some time.

    IF you have been able to patch your host, including the microcode for the processor, then on Workstation 14.1.1, you're protected, and they seem to imply that that ensures guest-host and guest-guest isolation against the 3 CVEs, even if the guest isn't protected. And the guests should be able to see the CPU mitigations too with 14.1.1, and hence be patchable.

    But, I suspect in reality that that is only for Spectre attacks/PoC that are known about; and I think there will need to be some careful examination of Tools and Shared Folder type facilities for vulnerabilities of this class. The thing that worries me is the guest-guest isolation will not be as solid as we had assumed, though I imagine the exploits would be hard to achieve and maybe restricted in value - but since we've only had PoC, who knows. I think we'll need to keep a close eye on this for some time. For sure, it's reminded me to harden guest VMs as much or more than anything else.
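
Added example, not part of the original posts and not any vendor's tooling: one way to check from inside a Linux guest whether the mitigations discussed in the post above are visible there. It assumes a Linux kernel that exposes `/sys/devices/system/cpu/vulnerabilities`, and it treats the `ibrs`/`ibpb`/`stibp` flags in `/proc/cpuinfo` as the sign that the patched host's microcode controls reach the guest; the sample values are constructed.

```python
from pathlib import Path

# Linux reports per-vulnerability status here (kernel 4.15 and later).
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")  # the three January 2018 CVEs
# Assumption: these cpuinfo flags mean the microcode controls are exposed.
MICROCODE_FLAGS = {"ibrs", "ibpb", "stibp"}

def classify(status):
    """Map one sysfs status line to 'ok', 'vulnerable' or 'unknown'."""
    s = status.strip().lower()
    if s.startswith(("not affected", "mitigation")):
        return "ok"
    if s.startswith("vulnerable"):
        return "vulnerable"
    return "unknown"  # file missing (old kernel) or unrecognised wording

def assess(sysfs, cpuinfo_flags):
    """sysfs: {file name: contents}; cpuinfo_flags: value of the 'flags' line."""
    report = {name: classify(sysfs.get(name, "")) for name in CHECKS}
    visible = MICROCODE_FLAGS & set(cpuinfo_flags.split())
    report["microcode_controls_visible"] = sorted(visible)
    return report

def read_live():
    """Return (sysfs, flags) inside a Linux guest, or None elsewhere."""
    if not SYSFS_DIR.is_dir():
        return None
    sysfs = {p.name: p.read_text() for p in SYSFS_DIR.iterdir() if p.is_file()}
    cpuinfo = Path("/proc/cpuinfo").read_text().splitlines()
    flags = next((l.split(":", 1)[1] for l in cpuinfo
                  if l.startswith("flags")), "")
    return sysfs, flags

# Constructed sample: guest kernel patched, host microcode not passed through,
# so page-table isolation is on but no speculation controls are visible.
SAMPLE_SYSFS = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Vulnerable\n",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline\n",
}
SAMPLE_FLAGS = "fpu vme de pse tsc msr pae mce cx8 pti"

if __name__ == "__main__":
    sysfs, flags = read_live() or (SAMPLE_SYSFS, SAMPLE_FLAGS)
    for key, value in assess(sysfs, flags).items():
        print(f"{key}: {value}")
```

An "ok" here only reflects what the guest kernel reports about itself; it says nothing about guest-to-guest isolation, which depends on the host and hypervisor being patched.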
     
  12. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    I would love to know the answer on the virtual machine questions when and IF someone comes across a credible link to read up. I never use workspace outside of a VM, and I never use a host on a machine that comes back to my REAL NAME. All we can do is compartmentalize and TRY as best we know how. Of course I do own computers that I use for real name stuff but they are outside of this conversation.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Right. And for that, the outermost VPN in a nested chain must be running on different hardware, such as a router.
     
  14. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,953
    Digital privacy is instantly eliminated the moment you connect your computer to the Internet.
     
  15. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Well, when you run a program on a computer, be that the OS, the VM or an application, the code of those software programs is compiled to machine code instructions to the CPU.
    Some of those instructions, like graphics, I believe are sent directly to other processors like the GPU but at the end of the day, the VM is just another collection of machine code instructions.
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Perhaps so, but compartmentalization. Let's say that I have two computers. One contains only stuff related to my meatspace identity. There's nothing there that even hints of Mirimir. I don't use English very much, and I never use English for social media and such. Another computer runs the VM that I'm using now. That VM contains only Mirimir's stuff, with nothing that even hints of my meatspace identity. There are other VMs for other personas. The host computer itself reaches the Internet through a VPN running on a pfSense router. There are pfSense VMs as gateways for the rest of the nested VPN chain that this VM uses. And other pfSense VMs as gateways for VPNs in nested chains that other VMs use.

    So, even if all of the VMs and hosts are pwned, the key secret -- who Mirimir is in meatspace -- remains private.
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Well, according to https://www.linuxglobal.com/meltdown-bug-affected-virtualization-technologies/ it's not that simple.
     
  18. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    There is such a thing as a CPU emulator which would intercept instructions to the CPU but I don't think VMs do that, and even then, the CPU emulator is still software and is itself instructions to the real CPU.

    Edit: I read the article and I haven't yet fully understood in what way the CPU exploit could be used to retrieve data that is being processed by the CPU. Perhaps VM technology prevents code that would do whatever it takes from running?
     
    Last edited: Jan 10, 2018
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    https://www.linuxglobal.com/meltdown-bug-affected-virtualization-technologies/
     
  20. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    @mirimir what I meant was I don't fully understand what is going on at the CPU level. For example I didn't know CPUs had any concept of protected memory, up to now I had thought it was the operating system's job to decide which application or user could access which memory addresses.
    Although maybe that is not really the issue and it is the way the CPU's cache stores data it thinks will be needed again soon.
     
  21. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    Note that this is about Meltdown, not Spectre vulnerabilities.

    He says: "Note that Spectre is capable leaking hypervisor memory from all hypervisors running on affected processors (Intel and possibly AMD, ARM) but it is both more difficult to exploit and to mitigate."

    I'd add Firejail and Sandboxie to the list of vulnerable quasi-containers, there's nothing they can do about this. One aspect of both of those is that for apps that don't need internet connectivity, they can prevent exfiltration of secrets by the rogue process.
     
    Last edited: Jan 10, 2018
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, I certainly don't know. But given how pervasive VMs are, I'm sure that we'll find out.

    And whatever, hardware compartmentalization looks like the prudent path.
     
  23. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,010
    Location:
    Member state of European Union
    https://www.wilderssecurity.com/thr...-windows-redesign.399338/page-18#post-2730809
    My opinion on this: Unfortunately Firefox (even Quantum) is not designed to be sandboxed to the degree Chrome is, and in a post-Spectre world it will severely bite them in the *** if they do not quickly discover a way to mitigate this at the JIT engine and compiler level, while maintaining reasonable performance.
    For me the Spectre vuln is the main argument and reason for using NoScript.
     
  24. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I wonder who chose the name Spectre for this exploit.
    If you're an Ian Fleming fan you'll know SPECTRE as the Special Executive for Counter Intelligence, Terrorism, Revenge and Extortion.
     
  25. liba

    liba Registered Member

    Joined:
    Jan 21, 2016
    Posts:
    344