#440
Logic suggests behavioural heuristics should be able to recognise when something untoward is trying to gain access to the memory in the Windows Server... find a method to block access... then isolate.
From what I read at other forums testing mitigation, Windows Defender caught their Spectre experiment... not sure if due to microcode or not tho'...
However, this is not trying to access it, per se. What it is doing is actually blocking another (legitimate) thread's access, which breaks the link between the thread and the privileged information, then another process comes along and calls for a dump of the privileged information. It is this dump, I'm guessing (educatedly, though), that everyone is in an uproar about. If the privileged information store were simply wiped clean upon breakage, there would be no issue here. But the fact that, after breaking, it just sits there until being forcibly removed by another thread is what is disconcerting - better security would have been if the CPU killed those registers as soon as the link is broken. But that is what causes the slowdown, because a legitimate process might need the information more than once, and under the current workflow it has access to it again and again. But if it were done correctly, then any process that needed the information store repeatedly would have to go through the process of asking for it every time it needs it.
And because of that, I've finally figured out a good analogy for all of this. When you log in here, or anyplace, for that matter, online (with a few notable exceptions of places that take security seriously) you have the ability to save your credentials so that you don't have to enter them each time - and you can access your own information (your profile, for example) repeatedly, without submitting your credentials over and over again. It's designed that way to be user friendly.
But if a site were to truly value your security, they would ask for your credentials every time you did something in a secured environment. And I know tons of users who would hate that. But at the same time, I also know users who've been caught with a similar type of attack, in which they don't log out of a site, and someone else is then able to access their personal information from said site.
The difference here in the CPU world is that no one still gets direct access because they have the right credentials to access that privileged storage area. However, by dumping it all to a file, they can eventually sift through the cruft to find the goldmines - like your bank login and password (if you use it in a time frame while the exploit is in use on your system). And this is the most important point - it's not instantaneous access to privileged information, like with the website logging out thing - with that, someone who takes your place while you're still logged in sees everything that you were seeing before. In this case, it's more like someone left the main bank vault door open, and now thieves can get a hold of all the safe deposit boxes inside - but they have limited time, so they grab what they can and bug out, to their hideout, where they'll crack open each and every box they grabbed and sift through the contents until they find something worthwhile.
This set of exploits works very similarly to that.
Banks and financial services here in the UK are very security conscious.
Drop-down cascading menus, both alphabetical and numerical, are common for signing in using a mouse, leaving no indication, just an asterisk (*)... plus codes change after each entry.
Further provision is made by the use of card readers... again, after each usage the code changes... again, no keyboard usage.
That is a very good thing.
But if an internal bank computer was hit with a variant of software that manipulated either of these exploits, it would be much, much worse than, say, if your whole family's computers were hit with it.
Of course, for you, it has the potential to be devastating. But if *every* customer of that bank had their account information exposed, it would be, obviously, much larger in scope....
So naturally, institutions that handle financial, legal, and health information need to have top notch security for their systems.
When they don't, well, you see what happened last summer....