Christopher Barry on 7 Jan 2018 19:14:10 -0800



Re: [PLUG] It's the final meltdown!! (Security vulnerabilities)


Good points. See inline.

On Jan 4, 2018 11:27 AM, "John Von Essen" <john@quonix.net> wrote:
I know people are freaking out about this, and it's a big deal, but… the thing I don't fully understand is why can't antivirus detect the “act” of grabbing leaked memory data? Also, what are the unaffected CPUs?

Many/most Linux users do not wear antivirus. This is PLUG, right? The CPU list is very long. Most likely, yours is on it.


Even if antivirus can't detect the reading of CPU memory, the attack still requires a piece of software to implement; most hackers will ultimately end up using and distributing the same or similar software, so that can be tagged by anti-virus. I mean, do you think every hacker will write their own custom malware?


Could States and other actors already have tools? Probably. Could leaks of those tools recently be playing a role in this 'discovery'? Good point, don't know.



Lastly, you still need to get the malware on your PC, so if you are very careful, behind a firewall, and only install “approved” or “signed” apps, you should be good. On my work PC, for the past 10 years, I have never gotten infected by anything; the only software I install is commercial products like Office, etc., and I never download random apps. I mainly download PDFs and misc content.

So with good self control, this shouldn’t be too bad.

The real threat is cloud computing, where a hacker can just buy a VM, run their malware, and read all the contents of the cloud platform's CPU. Hence another reason not to use the cloud for critical stuff or sensitive data. Cloud is great for little web sites of content, but super sensitive data should be on your own hardware.

-John



 

On Jan 4, 2018, at 12:49 AM, Will <staticphantom@gmail.com> wrote:

Thank you to Keith Perry and Rich Mingin. 

The security issues broken down from their more proper CVEs can be seen here: https://meltdownattack.com

The website discussed the bugs found in hardware as well as their scope. Ladies and Gentlemen, we may be witnessing a defining moment of security this year, as the impact may reach Heartbleed-level press in the next few days.

-Will C
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

