Highest Voted 'spectre' Questions

2

votes

1 answer

Using service worker to enable COOP/COEP headers : security concerns?

I'm unable to access my server to enable COOP and COEP headers, but I was able to add them via service worker by using the following script https://github.com/gzuidhof/coi-serviceworker, which registers a service worker that has the headers…

asked Oct 06 '21 at 15:31

ultraGentle

5,084
1
19
45

2

votes

2 answers

how to send kernel command line parameter in raspbian

I need to send kernel command line parameter in raspbian os to turn off spectre/meltdown patches. as i know we can do this in other linux distros through "/etc/default/grub" file by changing "GRUB_CMDLINE_LINUX=". but in raspbian os this file did…

linux raspberry-pi raspbian spectre

asked Feb 26 '20 at 11:01

alireza sadeghpour

649
6
20

2

votes

1 answer

Cortex-A8 out-of-order execution and Spectre

I am reading about ARM Cortex-A8 processor and found that this processor does not support out-of-order execution. However, in https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability Arm clarified that Cortex-A8 is…

arm cpu-cache cortex-a spectre

asked Aug 05 '19 at 10:19

alireza sadeghpour

649
6
20

2

votes

3 answers

How Process can Share array2(the oracle array) in Spectre Attack?

In spectre paper, the PoC place Victim and Attacker code in same process. The code is like this: if (x < array1_size) y = array2[ array1[x] * 256 ]; So Attacker and victim can use the same array2(because they are in same code, process). But in…

security spectre side-channel-attacks

asked Jan 02 '19 at 09:55

Kyuwon Cho

45
8

2

votes

1 answer

Spectre performance hit disappeared after April 2018 Update?

We are tracking the performance issue of Meltdown and Spectre mitigations on Windows for several months now. Several days ago, we found some weird results. After applying April 2018 Cumulative Update (KB4093112) on our Windows 10 FCU machine, all of…

windows performance security windows-10 spectre

asked Apr 17 '18 at 06:33

nikoniko

833
2
11
22

2

votes

1 answer

Why did Meltdown and Spectre bugs go undiscovered for so long?

Why did Meltdown and Spectre bugs go undiscovered for so long? Nearly 20 years these bugs have been present in the CPU's why wasn't this discovered sooner given the serious implications for all computers using these processors?

intel amd spectre

asked Jan 31 '18 at 11:19

Adrian Evans

23
4

2

votes

1 answer

CPU Redesign for Spectre and Meltdown

There are a lot of patches released to fix the recently found Spectre and Meltdown security vulnerability. However they all do this (to my understanding) by disabling usage of certain functionality on the cpu. So I am wondering if the (predictive)…

cpu-architecture exploit spectre

asked Jan 13 '18 at 16:46

vincent

1,953
3
18
24

2

votes

0 answers

Is Google Native Client (NaCl) vulnerable to Meltdown or Spectre attacks?

I run sel_ldr_x86_32 file32.nacl and sel_ldr_x86_64 file64.nacl on my Intel machine vulnerable to Meltdown and Spectre. Given that even JavaScript can employ Spectre, I am curious if NaCl'ed binaries can. Are there any known vulnerabilities of NaCl…

exploit google-nativeclient spectre

asked Jan 11 '18 at 16:23

Stair

21
2

2

votes

1 answer

Read about Spectre. What changes may I need in my code?

I read about Spectre (CVE-2017-5753) but it is unclear how it actually affect the everyday programmer? I read a couple articles but I am still not sure if it may break any of my old project or existing code. It would be great to know what I should…

javascript spectre

asked Jan 11 '18 at 12:58

Hambalkó Bence

125
11

2

votes

1 answer

Understanding Spectre and memory addressing

First a disclaimer: I don't intent to hack anyone, I'd just like to see the exploit in action on my own machine. I've compiled the Spectre example in VS2017 on x64 Windows 10. The example works when reading from its own process memory, but if I try…

memory x86 spectre

asked Jan 08 '18 at 19:42

Dacobi

417
4
14

1

vote

1 answer

Example of Spectre v1 on new CPU

I know how Specter works, I found a program on GitHub that demonstrates how it works. but on my computers win 10 21h2 (i5-11400F, i5-9600K, R7-5800hs) it does not work, it only gives questions, but on i5-7500U it works also in win 10. I know that…

c security assembly spectre

asked Jan 21 '22 at 14:00

taburetca

31
6

1

vote

1 answer

`Uncaught ReferenceError: SharedArrayBuffer is not defined` since Chrome 92

The usage of SharedArrayBuffer causes an error: Uncaught ReferenceError: SharedArrayBuffer is not defined on Chrome 92. Why is this? How can I solve?

security spectre sharedarraybuffer

asked Jun 10 '21 at 03:18

agektmr

2,144
15
14

1

vote

1 answer

Is there an alternative to NtQuerySystemInformation for SystemKernelVaShadowInformation and SystemSpeculationControlInformation?

As NtQuerySystemInformation is not encouraged to be used by Microsoft, I am looking for alternatives to display spectre and meltdown mitigation options set on the OS.

c++ winapi spectre

asked Apr 28 '21 at 11:12

zombunny

37
5

1

vote

1 answer

Pime and Probe vs Evict and Reload

I'm trying to figure out what are the differences between two cache side channel attack: Prime and Probe vs Evict and Reload. It seems that both of the attacks are identical - the adversary evicts data from cache sets by filling them with its own…

security caching spectre

asked Jan 05 '21 at 11:39

Programmer

119
1
8

1

vote

1 answer

Spectre-mitigated libraries are required for this project, EVEN after i disabled it in options?

I tried DISABLING the Spectre mitigation from the code generation in option, but i still cannot compile a simple hello world driver, why? how can i stop this message and just compile a simple hello world without needing to install these libraries?…

visual-studio-2019 wdk spectre

asked Oct 04 '20 at 16:46

OneAndOnly

1,048
1
13
33

Questions tagged [spectre]