Return Styles: Pseud0ch, Terminal, Valhalla, Blue Moon.

Pages: 1-4041-

Thanks Intel!

Name: Anonymous 2018-01-03 5:03

Free privilege escalation, along with data snooping courtesy of Intel Rabbis & Cudder for all Intel processors ever made.

https://lkml.org/lkml/2017/12/27/2
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Name: Anonymous 2018-01-03 5:19

Sucks to be you. I bought AMD because I'm not an idiot.

Name: Anonymous 2018-01-03 6:20

I hate intel but wish we had a bit more warning to dump... That’s kikes for you I guess...

Name: Anonymous 2018-01-03 6:28

Name: Anonymous 2018-01-03 6:36

What the fuck? What does it mean? Cudder can hack my computer?

Name: Anonymous 2018-01-03 7:58

this is one of the biggest fuck ups ever

Name: Anonymous 2018-01-03 8:09

>>5
Cudder is all talk and no action !

Name: Anonymous 2018-01-03 8:36

i will continue to use Intel. if i don't have Intel i literally dont laugh. like if have it i ust stare at the screen and laugh but if i dont i feel like shit and i start drinking heavily and i get really suicidal and depressed and i have chronic nauesea and i feel sick as fuck to my stomach without it and for some reason without Intel i fucking flop sweat like crazy like my boxers ass crack part gets completely soaked and i change shirts every hour i sweat so bad and when i have Intel for some reason i don't sweat

Name: Anonymous 2018-01-03 8:50

>>1
A summary please? I don't want to read hacker websites form 1991.

Name: Anonymous 2018-01-03 8:50

>>9
then go back to reddit

Name: Anonymous 2018-01-03 9:00

requesting dub check

Name: Anonymous 2018-01-03 11:04

What programming language is this?

Name: Anonymous 2018-01-03 12:21

>>12
Microcode in page table chip that ignores speculative execution.

Name: Anonymous 2018-01-03 13:40

>>13
*ignores privilege level during speculative execution

Name: Anonymous 2018-01-03 13:46

>>9
OP is already a summary.

Name: Anonymous 2018-01-03 14:35

Perhaps privilege levels are a bad security model by themself? Time and time again "privilege escalation" turns out to be easy to accomplish and hard to mitigate.

Name: Anonymous 2018-01-03 14:59

>>16
what alternative do you propose?

Name: Anonymous 2018-01-03 15:07

Name: Anonymous 2018-01-03 15:22

>>18
That actually works and nobody wants things that work because that would be disrespectful to the creators of C and Unix.

Name: Anonymous 2018-01-03 15:45

Free pointers. Raw Pointers. Direct Memory Addressing. Dis is the brize of freedom.

Name: Cudder !cXCudderUE 2018-01-03 16:03

No privilege escalation, just a stupid (and very narrow) side-channel that has basically been there since specexec was invented and that no one really cared about either (probably because it's a really narrow sidechannel and also read-only.)

For those thinking this is Intel-only, this is not specific to any one ISA but for any core which implements aggressive specexec. This means ARM, MIPS, and of course RISC-V:

https://groups.google.com/a/groups.riscv.org/d/msg/isa-dev/JU0M_vug4R0/YELX92fIBwAJ

>>16,17
Everything running as root, and no untrusted code. The way a personal computer was always meant to be used.

tl;dr: Security people making a big deal of a tempest (or TEMPEST) in a teapot.

Name: Anonymous 2018-01-03 16:30

Name: Anonymous 2018-01-03 18:27

>>21
There's no such thing as trusted code. I don't trust any of your code any more than I trust injecting myself with an unknown drug using a used needle I found in an alley.

Name: Anonymous 2018-01-03 18:31

>>2
AMD has the same problem.
>>11
Back to 4chan, please.

>>19
What does C and Unix have to do with this?

Name: Anonymous 2018-01-03 18:51

>>24
AMD doesn't have the problem:
https://lkml.org/lkml/2017/12/27/2

Name: Anonymous 2018-01-03 19:07

>>25
... yet.

Name: Anonymous 2018-01-03 19:37

>>24
C and Unix are incompatible with capability-based addressing.

Name: Anonymous 2018-01-03 19:45

>>27
It appears to be done through hardware, and Unix has always been a very portable system, so there's nothing stopping it from be run on such a machine.

Name: Anonymous 2018-01-03 22:05

>>28
I'll stop it!

Name: Anonymous 2018-01-03 22:07

>>29
I'm afraid you're nearly 50 years too late.

Name: Anonymous 2018-01-03 22:38

>>28-30
Unix and C are not portable enough. They only run on computers that resemble a PDP-11.

Name: Anonymous 2018-01-03 23:08

>>31
PDP-11
Are you a time traveler? Because it's not 1979 anymore.

Name: Anonymous 2018-01-03 23:09

>>1
Cudder doesn't support Intel, why are you spreading lies?

Name: Anonymous 2018-01-03 23:36

>>33
Cuddler literally works for Intel. She was hired due to diversity quotas.

Name: Anonymous 2018-01-03 23:44

>>32
C and Unix dumb your computer down to a PDP-11.

Name: Anonymous 2018-01-03 23:52

https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.

My sides.

Name: Anonymous 2018-01-03 23:57

>>35
They do not.

Name: Anonymous 2018-01-04 5:29

Name: Anonymous 2018-01-04 6:14

>>38
Non-YouTube link (HookTube reverts to normal YouTube embed): https://files.catbox.moe/j2u2vv.webm

Name: Anonymous 2018-01-04 7:02

>>39
Unless you have reasons, don't waste their bandwidth for trivial shit not censored by youtube.

Name: Anonymous 2018-01-04 7:52

Name: Anonymous 2018-01-04 13:25

Name: Anonymous 2018-01-04 15:29

Name: Anonymous 2018-01-04 15:48

CENSOR MY ANUS

Name: Anonymous 2018-01-04 20:51

(>>39)

Name: Anonymous 2018-01-05 0:00

Name: Anonymous 2018-01-05 2:54

JUST TURN OFF CACHE

Name: Anonymous 2018-01-05 7:19

for me it's AMD all the way

chinks > kikes

Name: Anonymous 2018-01-05 11:50

>>47
In 2040 we would consider this a sound advice as x86 would be discovered as secure as unpatched Windows95.
On another note, how useful is this:
https://www.usenix.org/conference/woot13/workshop-program/presentation/Bangert

Name: Cudder !cXCudderUE 2018-01-05 21:56

If you don't run untrusted code you have nothing to worry about.

Too bad for the fools who tried to convince you it was ever a good idea to rent computing time on some machine far away over the Internet and shared with a hundred or thousand other strangers... they're the ones getting burned the most by this and I have no pity for them. Fuck cloud computing, back to everyone with personal computers they actually own. Glorious.

Name: Anonymous 2018-01-05 22:05

>>50
Too bad for the fools who tried to convince you it was ever a good idea to rent computing time on some machine far away over the Internet and shared with a hundred or thousand other strangers...
Hey, it's more cost-effective than buying an entire server

Name: Anonymous 2018-01-05 23:34

>>50
"let's just revert to shittier technology because fixing one bug is too much work"

Name: Anonymous 2018-01-06 4:56

>>51
Cutting corners is exactly the reason why this garbage exists.
>>52
``Cloud computing'' is a major step backwards, it needs to die a violent death.

Name: Anonymous 2018-01-06 8:28

Name: Anonymous 2018-01-06 8:52

>>54
Something like that, yeah. But remember, setting IBRS is a barrier too.

You can't just set it and forget it; you have to do it on *every* entry

into the kernel.

What a mess.

Name: Anonymous 2018-01-06 18:20

God I fucking hate comp[uters

Name: Anonymous 2018-01-09 17:34

Name: Anonymous 2018-01-09 21:03

Name: Anonymous 2018-01-09 22:17

>>58
That's a pretty good idea, someone should make a HookHub. A HookBook would be good too.

Name: Anonymous 2018-01-09 22:57

>>59
Hookmail too. So you can read your mail through my secure website instead of (((gmail)))

Name: Anonymous 2018-01-09 23:30

>>60
But you'd still be using the gMail service.

Name: Anonymous 2018-01-10 0:57

>>61
That's how every hooksites work! Use the original service on fake website.

Name: Anonymous 2018-01-10 1:00

>>62
Thanks, Captain Obvious.

Name: Anonymous 2018-01-10 1:28

>>63
Call me Captain Hook, darling.

Name: Anonymous 2018-01-10 10:46

>>62
Use the original service on fake website.
Nice try, Google shill.

Name: Anonymous 2018-01-10 10:47

>>5
No.

Name: Anonymous 2018-01-10 10:49

>>9
I don't want to read hacker websites form 1991.
What the hell are you doing here?

Name: Anonymous 2018-01-10 11:29

>>65
who are you quoting?

Name: Anonymous 2018-01-10 12:19

>>68
I am quoting >>62-kun, my friend.

Name: Anonymous 2018-01-10 12:22

>>69
you're right, this was an actual quote. sorry for confusion!

Don't change these.
Name: Email:
Entire Thread Thread List