Researchers Discover SplitSpectre, a New Spectre-like CPU Attack

An anonymous reader writes from a report via ZDNet: Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code. The vulnerability, which researchers codenamed SplitSpectre, is a variation of the original Spectre v1 vulnerability discovered last year and which became public in January 2018. The difference in SplitSpectre is not in what parts of a CPU's microarchitecture the flaw targets, but how the attack is carried out. Researchers say a SplitSpectre attack is both faster and easier to execute, improving an attacker's ability to recover code from targeted CPUs. The research team says they were successfully able to carry out a SplitSpectre attack against Intel Haswell and Skylake CPUs, and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine. The good news is that existing Spectre mitigations would thwart the SplitSpectre attacks.

They laughed

Oh you, managed languages are safe.
Okay so they aren't, but sandboxes are safe.
Okay alright there are bugs, but virtual machines are safe.
So about thos' virtual machines...
Yeah fuck you, throw another layer on, what does it matter.

Re:Maybe its time to rething - Linus

[vyvepe]

No, Linus is right. The performance impact of the patches is big.

If you have up to date browser then you do not have a problem. Resolution of timers available from scripts is lowered to make this attack infeasible.

If you are running executable from web then you have much bigger worry than spectre. The executable can damage you directly instead of trying to rely on a a "cooperation" of another process.

These bugs are mostly a serious worry for companies renting virtual machines where executables run in the images are by default hostile.