spectre   1084

« earlier    

More Spectre Mitigations in MSVC | C++ Team Blog
Previous Spectre mitigations in MSVC were available under Qspectre.
New compiler switches Qspectre-load and Qspectre-load-cf.
These switches will be available starting in Visual Studio 16.5 preview 3. These switches will be available in MSVC toolsets included in all future releases of Visual Studio.
msvc  Spectre  mitigation  VS16.5  VisualStudio  2020  Microsoft  OfficialSite  blog  DanielDonenfeld 
4 weeks ago by dlb
More Spectre Mitigations in MSVC | C++ Team Blog
In a previous blog post, Microsoft described the Spectre mitigations available under /Qspectre. These mitigations, while not significantly impacting performance, do not protect against all possible speculative load attacks. We are now adding two new switches /Qspectre-load and /Qspectre-load-cf to provide a more complete mitigation of Spectre attacks based on loads for customers. These switches are only available on x86 and x64 platforms.
msvc  C++  Microsoft  Spectre  2020  VisualStudio  VisualStudio16.3  blog  DanielDonenfeld 
5 weeks ago by dlb
MDS Attacks: Microarchitectural Data Sampling
"The reason our attacks are impervious to all the existing defenses against speculative execution attacks is that they can leak in-flight data. Unlike other recent attacks such as Spectre, Meltdown, and Foreshadow which are based on vulnerabilities leaking data from the CPU caches, RIDL and Fallout collect data from internal CPU buffers (Line Fill Buffers, Load Ports, Store Buffers). Intel describes the exploited vulnerabilities as "Microarchitectural Data Sampling" (MDS) - where "sampling" is another way of saying that we can leak in-flight (or "sampled") data from many of these microarchitectural buffers. [...] Most importantly, our research shows that what last year appeared to be exceptional one-time speculative execution bugs are actually systemic, and the problems in modern CPUs may go much deeper than we initially thought."

On 2019/11/12: "we (VUSec) disclose TSX Asynchronous Abort (TAA), a "new" speculation-based vulnerability in Intel CPUs as well as other MDS-related issues, as described in our new RIDL addendum. In reality, this is no new vulnerability. We disclosed TAA (and other issues) as part of our original RIDL submission to Intel in Sep 2018. Unfortunately, the Intel PSIRT team missed our submitted proof-of-concept exploits (PoCs), and as a result, the original MDS mitigations released in May 2019 only partially addressed RIDL. "
spectre  intel  security  hardware  this_is_fine 
november 2019 by mechazoidal
Alexey Titarenko
Alexey Titarenko was born on Vassilievsky Island in Leningrad (now St.Petersburg) in 1962. He began taking pictures in 1971, at the age of nine, and graduated from the Leningrad Public University of Society-related Professions in 1978 with a degree in Photojournalism.
photography  black&white  ghostly  spectre 
october 2019 by markogara
grsecurity - Teardown of a Failed Linux LTS Spectre Fix
grsecurity is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration.
spectre  fail  linux 
september 2019 by xer0x
Twitter
Shot with , amazing app from the makers of .
Spectre  from twitter_favs
september 2019 by marks

« earlier    

related tags

$250  (late  10  10th  13  15  1993  2013  2018  2019)  2019  2020  4k  9th  a  added  amd  and  announces  anotherone  app  apps  arch  architecture  arm  arstechnica  attack  audio  backport  being  benchmarks  bereavement  best-of  bezels  bidirectional  black&white  blog  blowout  boost  boot  both  bug  bugs  c++  c  camera  casing  changes  channel  chargeur  check  chellisglendenning  chrome-tanned  cissp  clang  clojure  communism  compiler  computer  computer_security  core  cpu  cpus  cs  css-frameworks  cvs  danieldonenfeld  data  debian  deferral  design  desire  devalue  differance  difference  digital  discount  disjunction  display  doom  dsl  dual  dv  easyonme-resources  engineering  event  execution  exploit  fail  failboat  failure  fall  fan  filetype:pdf  fix  folio  for  foreshadow  free_software  from  future  gen  generalludd  gets  ghost  ghostly  github  goodbye  goog  google  guidelines  hacker_news  hacking  hacks  halide  hamlet  hands-on  hardware  hauntology  hello  hp  hp’s  html-templates  huge  hypnagogicpop  ifttt  impasse  in  inauguration  india  information  infosec  intel's  intel  interesting  internet-infrastructure  ios  ir  jacquesderrida  javascript  js  kb  kb4482887  kernel  kvm  l1tf  labor  langdonwinner  language  laptop  laptops  launched  leather  legolanddeutschland  links  linus  linux  live:  loader  london  lordbyron  loss  lte  lts  luddism  luddite  lulz  lvi  machine  malware  management  mapper  mapping  markfisher  marxism  mcilroy  mds  meltdown  memory  microarchitecture  microcode  microsoft  mitigation  modernity  monkeywrench  more  msvc  music  nature  neilpostman  neoliberalism  new  nonhuman  nonorigin  nonsense  nostalgia  nvidia  officialsite  older  oled  ontology  ooo  osdev  paper  papers  parallelism  pdf  performance  photography  pmz  poc  powershell  premium  presence  printer  processor  processors  programming  progress  protection  protects  qemu  race  rambleed  range  registry  released  repository  research  resolution  retpoline  return  review  review:  risc  rowhammer  sale  sca  script  security  sel4  shift  shotoniphone  side-channel-attacks  side-channel  side  sidechannel  software  speakers  speculation  speculative  sysadmin  systems  tango  technic  technology  test  the  this_is_fine  thomaspynchon  threading  time  timer  timothymorton  tips  to  tool  trace  trends  tricks  update  v8  variants  visualstudio  visualstudio16.3  vs16.5  vulnerabilities  vulnerability  wasm  windows  with  wow  x360  zombieload 

Copy this bookmark:



description:


tags: