First the hacker has to get her bad code running on my machine. That is harder the more private the machine is; but never impossible (see Stuxnet).
Then the evil code needs to actually gather useful information. The explanations I've read do not demonstrate that a complete picture of the data of a second process can be obtained using either exploit. Yes some information can be discovered; but no context for that information is found as well.
Basically, the evil code can see what is at a given offset from the end of the program's memory; and the hope is that interesting stuff will be there; and that the evil code will recognize it for what it is.
Then the bad code has to send the interesting data back to the mother ship.
Yes, bad O/S patches and firmware can do evil stuff; and if you can one of them on my machine, I suspect you'd install one that simply uploads all my files to the cloud as a backup process; rather than page faults data in one bit at a time into its address space and then... uploading it all to the cloud.
So if I am big bad hacker, how do I use this vulnerability?
Through a tedious process (carefully arranging for page faults and cache misses in speculatively executed code), I can determine bit by bit the value of other processes memory (which the OS and hardware should not allow); but I don't get a snap shot of the complete state of memory. Instead I get a peak at the value of the memory I should not have access to, word by word, memory which is changing as I am looking at it. How useful is this?
Just figuring out what other process is running on the machine with you is tough, but can be done using this process. Of course by then, the other process has exited or been moved. Maybe worth doing if you know there is a program running with very sensitive data on the machine you are using; but why are they letting you on their machine in the first place?
To prevent this difficult-to-use security leak, we can and should take the performance hit and disable this optimization on shared machines (such as in the cloud) where strangers programs are running on the same machine. But for privately owned machine running time-critical code, I would expect we'd recognize there is no risk here and continue using the fastest machines, with this security-risking vulnerability in place, along with its speed boost.
I can imagine the cloud users would demand that the vendors supply them machines where the cpu is not shared with un-trusted players; and in the meantime Intel will come out with new chips that close this vulnerability; and before that Linux and Microsoft and Apple et al will deploy patches that mitigate the problem.
Perhaps you are looking for: DotDotDot-DotDashDotDot-DotDash-DotDotDot-DotDotDotDot-DashDotDot-DashDashDash-Dash...?
Running your domain through my 1870 reader gets me W-T-F.E
I have heard it said, perhaps apocryphally - If you look at the birth and death records for the State of Florida, you will conclude that a majority of people in that state are born Latino and die Jewish.
Having reams of data is a start; but you must also have an accurate model.
Further, why pick 1776 as the birth of the US? Since 37 of the 50 states were founded and joined the union after this date, one could pick the day the last state joined (Hawaii - August 21, 1959) as the date when the United States was fully formed.
Or conversely, one could look to the date that the earliest colony which eventually became a state was founded - May 24, 1607 under the current calendar is when James Fort, was founded by the Virginia Company of London. I'ts 1609 royal charter extended from "sea to sea," and on the south its border was roughly at the present day border on North & South Carolina, and the northern border was a 45 degree angle that started about where Atlantic City New Jersey is today, heading north-west through the middle of the great lakes, north of Michigan. (despite the fact that no one from Virginia got more than a few miles west of the Atlantic Ocean) and hence this colony did "own" a fair bit of the area of what is now the US of A.
I really enjoyed Mathematics: from the Birth of Numbers. [http://books.google.com/books?id=E09fBi9StpQC]
Your mileage may vary but I bought this book when my daughter was in the third grade, and used it to definitively answer her questions as they came up about anything mathematical.
She starts at MIT this fall (class of 2013)
Slashdot Mirror
First the hacker has to get her bad code running on my machine. That is harder the more private the machine is; but never impossible (see Stuxnet). Then the evil code needs to actually gather useful information. The explanations I've read do not demonstrate that a complete picture of the data of a second process can be obtained using either exploit. Yes some information can be discovered; but no context for that information is found as well. Basically, the evil code can see what is at a given offset from the end of the program's memory; and the hope is that interesting stuff will be there; and that the evil code will recognize it for what it is. Then the bad code has to send the interesting data back to the mother ship. Yes, bad O/S patches and firmware can do evil stuff; and if you can one of them on my machine, I suspect you'd install one that simply uploads all my files to the cloud as a backup process; rather than page faults data in one bit at a time into its address space and then ... uploading it all to the cloud.
So if I am big bad hacker, how do I use this vulnerability? Through a tedious process (carefully arranging for page faults and cache misses in speculatively executed code), I can determine bit by bit the value of other processes memory (which the OS and hardware should not allow); but I don't get a snap shot of the complete state of memory. Instead I get a peak at the value of the memory I should not have access to, word by word, memory which is changing as I am looking at it. How useful is this? Just figuring out what other process is running on the machine with you is tough, but can be done using this process. Of course by then, the other process has exited or been moved. Maybe worth doing if you know there is a program running with very sensitive data on the machine you are using; but why are they letting you on their machine in the first place? To prevent this difficult-to-use security leak, we can and should take the performance hit and disable this optimization on shared machines (such as in the cloud) where strangers programs are running on the same machine. But for privately owned machine running time-critical code, I would expect we'd recognize there is no risk here and continue using the fastest machines, with this security-risking vulnerability in place, along with its speed boost. I can imagine the cloud users would demand that the vendors supply them machines where the cpu is not shared with un-trusted players; and in the meantime Intel will come out with new chips that close this vulnerability; and before that Linux and Microsoft and Apple et al will deploy patches that mitigate the problem.
It's the original Hydra base.
Perhaps you are looking for: DotDotDot-DotDashDotDot-DotDash-DotDotDot-DotDotDotDot-DashDotDot-DashDashDash-Dash ...?
Running your domain through my 1870 reader gets me W-T-F.E
Me thinks Lincolnshire is poking fun at his bank, not at your browser. It would seem his bankers just recently noticed these computery things
I have heard it said, perhaps apocryphally - If you look at the birth and death records for the State of Florida, you will conclude that a majority of people in that state are born Latino and die Jewish. Having reams of data is a start; but you must also have an accurate model.
Further, why pick 1776 as the birth of the US? Since 37 of the 50 states were founded and joined the union after this date, one could pick the day the last state joined (Hawaii - August 21, 1959) as the date when the United States was fully formed. Or conversely, one could look to the date that the earliest colony which eventually became a state was founded - May 24, 1607 under the current calendar is when James Fort, was founded by the Virginia Company of London. I'ts 1609 royal charter extended from "sea to sea," and on the south its border was roughly at the present day border on North & South Carolina, and the northern border was a 45 degree angle that started about where Atlantic City New Jersey is today, heading north-west through the middle of the great lakes, north of Michigan. (despite the fact that no one from Virginia got more than a few miles west of the Atlantic Ocean) and hence this colony did "own" a fair bit of the area of what is now the US of A.
I really enjoyed Mathematics: from the Birth of Numbers. [http://books.google.com/books?id=E09fBi9StpQC] Your mileage may vary but I bought this book when my daughter was in the third grade, and used it to definitively answer her questions as they came up about anything mathematical. She starts at MIT this fall (class of 2013)