Welcome!
Important information
-- Information on torrent hosting changes
-- Information on MX15/16 GPG Keys
-- Spectre and Meltdown vulnerabilities

News
-- Introducing our new Website
-- MX Linux on social media: here

Current releases
-- MX-18.1 Point Release release info here
-- Migration Information to MX-18 here
-- antiX-17.4 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

New hardware-agnostic side-channel attack works against Windows and Linux

Post Reply
User avatar
colin_b
Forum Regular
Forum Regular
Posts: 484
Joined: Sun Mar 19, 2017 7:21 pm

New hardware-agnostic side-channel attack works against Windows and Linux

#1

Post by colin_b » Wed Jan 09, 2019 7:30 pm

https://www.zdnet.com/article/new-hardw ... and-linux/
The research team, which includes some of the brightest minds in IT security, including some of the people behind the Spectre/Meltdown vulnerabilities, have contacted OS vendors prior to disclosing their findings.

Microsoft has already fixed the way Windows deals with page cache reads in a Windows Insiders build, while discussions on how to deal with Linux patches are still ongoing. Both OS teams are expected to fix the issues at the heart of this side-channel attack in the future.

User avatar
BitJam
Forum Guide
Forum Guide
Posts: 2941
Joined: Sat Aug 22, 2009 11:36 pm

Re: New hardware-agnostic side-channel attack works against Windows and Linux

#2

Post by BitJam » Wed Jan 09, 2019 8:35 pm

Note to self: should add microcode to the live systems.
Will I cry when it's all over?
When I die will I see Heaven?

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 18425
Joined: Fri Dec 15, 2006 8:07 pm

Re: New hardware-agnostic side-channel attack works against Windows and Linux

#3

Post by Stevo » Wed Jan 09, 2019 10:51 pm

Good thing is that a kernel patch should fix that. They also said that malicious code has to be running on the system first, which could be browser javascript, I guess. But then you already have problems anyway with that code on your machine.

Sounds like a good case for browser sandboxing, too.

User avatar
manyroads
Forum Regular
Forum Regular
Posts: 916
Joined: Sat Jun 30, 2018 6:33 pm

Re: New hardware-agnostic side-channel attack works against Windows and Linux

#4

Post by manyroads » Wed Jan 09, 2019 10:59 pm

@stevo has anyone here published guidance on recommended sandboxing in MX. I tried firejail in the past with some success. The problem I had was with browsers; the default browser was not accessible from Thunderbird. Thunderbird had other problems.
"Don't believe everything you think."
Pax vobiscum,
Mark Rabideau - http://many-roads.com
MX-18 4.20.12-antix.1-amd64-smp x86_64
Dell Latitude E5470
Dual Core Intel i5-6300U (-MT MCP-)
Mem: 24GB SSD: 978.09 GiB
Reg. Linux User #449130

Post Reply

Return to “Software / Configuration”