In October, Edward Snowden was granted permanent residency in Russia. A new web page by the EFF applauds his past activities as a U.S. whistleblower. “His revelations about secret surveillance programs opened the world’s eyes to a new level of government misconduct, and reinvigorated EFF’s continuing work in the courts and with lawmakers to end unlawful mass spying.” And then they…
Tag: spectre
Firefox ‘Site Isolation’ Feature Enters User Testing, Expected Next Year
An anonymous reader shares a report: Site Isolation is a modern browser security feature that works by separating each web page and web iframes in their own operating system process in order to prevent sites from tampering or stealing with each other’s data. The feature was first deployed with Google Chrome in mid-2018, with the release of Chrome 67. Although initially,…
Linux 5.9 Boosts CPU Performance With FSGSBASE Support
FSGSBASE support in Linux “has the possibility of helping Intel/AMD CPU performance especially in areas like context switching that had been hurt badly by Spectre/Meltdown and other CPU vulnerability mitigations largely on the Intel side,” Phoronix wrote back in August. As it started its journey into the kernel, they provided a preview on August 10: The FSGSBASE support that was finally…
Security Researchers Detail New ‘BlindSide’ Speculative Execution Attack
“Security researchers from Amsterdam have publicly detailed ‘BlindSide’ as a new speculative execution attack vector for both Intel and AMD processors,” reports Phoronix:
BlindSide is self-described as being able to “mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation. This works even in face of…
Coronavirus: James Bond Postpones Release Date Because It’s No Time To Die
The release of upcoming James Bond film “No Time To Die” has been pushed back from April To November due to coronavirus fears. “The 25th installment in the storied spy franchise will commence its run on Nov. 12 in the U.K., followed by the U.S. on Nov. 25,” reports The Hollywood Reporter. “It was scheduled to open in North America on…
What’s new on Coursera for Business – November 2019
By Kyle Clark, Senior Skills Transformation Consultant The end of the year brings with it some of our most exciting launches of 2019. Our latest batch of 50+ courses includes enterprise critical skills such as personal resilience, computational thinking, and coding for managers. Additional topics this past month range from Python for asset management to […]
The post What’s new on Coursera…
Windows and Linux Get Options To Disable Intel TSX To Prevent Zombieload v2 Attacks
Both Microsoft and the Linux kernel teams have added ways to disable support for Intel Transactional Synchronization Extensions (TSX). From a report: TSX is the Intel technology that opens the company’s CPUs to attacks via the Zombieload v2 vulnerability. Zombieload v2 is the codename of a vulnerability that allows malware or a malicious threat actor to extract information processed inside a…
Greg Kroah-Hartman Reveals His New Favorite Linux Distro
Top Linux kernel developer Greg Kroah-Hartman gave a new 30-minute interview with TFIR during the Open Source Summit, 2019. He discusses security in the post-Spectre world, remembers when Microsoft joined the Linux distros mailing list, and acknowledges good-naturedly that he and Richard Stallman “approach things from a different standpoint”. An anonymous reader writes: In the interview Kroah-Hartman talks about downsides of…
New Spectre-like CPU Vulnerability Bypasses Existing Defenses
itwbennett writes: Researchers from security firm Bitdefender discovered and reported a year ago a new CPU vulnerability that ‘abuses a system instruction called SWAPGS and can bypass mitigations put in place for previous speculative execution vulnerabilities like Spectre,’ writes Lucian Constantin for CSO. There are three attack scenarios involving SWAPGS, the most serious of which ‘can allow attackers to leak the…
What is the Brocken Spectre?
The Brocken Spectre is your own shadow, cast on mists below you, when you are mountain climbing. The shadow may appear enormous and has a ring around it. Source: https://earthsky.org/earth/what-is-the-brocken-spectre…