0 users browsing Discussion. | 2 guests | 8 bots  
Main » Discussion » Computer Security news
Pages: 1
Posted on 19-12-02, 09:19
Full mod

Post: #370 of 394
Since: 10-30-18

Last post: 31 days
Last view: 3 hours
Today I came across https://www.wicar.org/ which aims to be like the old EICAR anti-virus test file. In their own words:

The name "WICAR" is derived from the industry standard EICAR anti-virus test file, which is a non-dangerous file that all anti-virus products flag as a real virus and quarantine or act upon as such.

By being able to execute a test virus program safely, the end user or network administrator can ensure that the anti-virus software is correctly operating (without utilising a real virus which may damage the system should the anti-virus software fail to function).


That makes a lot of sense! There's a lot of malware-filtering tools, and it's good to have a harmless test site for them, for all the same reasons it's useful to have a harmless test "virus".

The wicar.org website contains actual browser exploits, therefore, regardless of search engine, web browser, filtering appliance or desktop anti-virus product you use, it should be marked as malicious.


what

I thought you said "harmless"!

The ending of the words is ALMSIVI.
Posted on 19-12-02, 11:27 (revision 1)
Stirrer of Shit
Post: #694 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
They are indeed harmless:
We have tested all the modules in our lab and confirmed them as working. Your mileage may vary however, depending on software version, configuration changes, service pack, operating system release and processor architecture, and may result in either:
* Your browser exiting and opening the Windows calculator (vulnerable). [demonstration video - youtube]
* Your browser opening the file and nothing happens (patched / immune).
* Your browser displaying an error message or crashing (vulnerable but your system does not match the correct exploit conditions).


There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 20-03-06, 06:13
Post: #344 of 353
Since: 10-30-18

Last post: 1 day
Last view: 51 min.
User is online
More Intel security issues: https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html

AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
Posted on 20-03-06, 10:26
Custom title here

Post: #849 of 866
Since: 10-30-18

Last post: 2 days
Last view: 15 hours
Posted by Nicholas Steel
More Intel security issues: https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html
Hooray total Management Engine takeover!


--- In UTF-16, where available. ---
Posted on 20-03-07, 16:13 (revision 2)
Post: #346 of 353
Since: 10-30-18

Last post: 1 day
Last view: 51 min.
User is online
AMD has 2 newly discovered security flaws with their CPU's:
https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
https://mlq.me/download/takeaway.pdf

AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
Posted on 20-03-07, 16:49
Not from my cellphone

Post: #636 of 664
Since: 10-30-18

Last post: 4 days
Last view: 4 hours
Posted by Nicholas Steel
AMD has 2 newly discovered security flaws with their CPU's:
https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
https://mlq.me/download/takeaway.pdf

Is it time to short AMD stock again!?

Can we just assume that each and every piece of silicon ever designed is flawed and not bother looking for logo-and-name™ vulnerabilities anymore!?
This is getting boring, like Boeing planes and coronavirus.

Licensed Pirate® since 2006, 100% Buttcoin™-free
Posted on 20-03-11, 08:32
Post: #349 of 353
Since: 10-30-18

Last post: 1 day
Last view: 51 min.
User is online
https://www.theregister.co.uk/2020/03/10/lvi_intel_cpu_attack/

new Intel security leak, potentially big performance impact when mitigated.

AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
Posted on 20-03-12, 01:11
Post: #58 of 58
Since: 10-29-18

Last post: 26 days
Last view: 44 min.
User is online
I'm okay with the fancy names and mascots and shit for a whole family of vulnerabilities (e.g., if "spectre" referred to the whole family of speculative execution vulns), but yeah, it gets pretty old when they come up with scary names for stuff that's only really feasible for highly sophisticated (probably nation-state) attackers who have physical access to your machine.
Posted on 20-03-12, 18:48

Post: #153 of 158
Since: 10-30-18

Last post: 2 days
Last view: 1 day
Posted by hunterk
I'm okay with the fancy names and mascots and shit for a whole family of vulnerabilities (e.g., if "spectre" referred to the whole family of speculative execution vulns), but yeah, it gets pretty old when they come up with scary names for stuff that's only really feasible for highly sophisticated (probably nation-state) attackers who have physical access to your machine.

Let’s not pretend. It’s a protection racket. “Here’s a big, scary computer thing that you don’t understand. Pay our security team and you needn’t worry!”
Posted on 20-03-13, 00:24 (revision 1)

Post: #65 of 66
Since: 11-13-19

Last post: 25 days
Last view: 24 days
Posted by Nicholas Steel
AMD has 2 newly discovered security flaws with their CPU's:
https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
https://mlq.me/download/takeaway.pdf


Take A Way exploits only leak a "few bits of metadata," as opposed to providing full access to data

Yeah, so nation state level attacker can spend multiple days whacking away at your computer with full local access, to retrieve a few kilobytes of metadata.

Posted by Nicholas Steel
https://www.theregister.co.uk/2020/03/10/lvi_intel_cpu_attack/

new Intel security leak, potentially big performance impact when mitigated.


It already does have a big performance impact, on the order of reducing performance to between 8 and 20% of the original performance. No, not reducing by that much, reducing it *to* that much:

https://www.phoronix.com/scan.php?page=article&item=lvi-attack-perf#=1
Posted on 20-03-13, 08:30
Post: #127 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by kode54

It already does have a big performance impact, on the order of reducing performance to between 8 and 20% of the original performance. No, not reducing by that much, reducing it *to* that much:

https://www.phoronix.com/scan.php?page=article&item=lvi-attack-perf#=1


Only light in the tunnel is that this does not affect newer Intel CPUs at all, so you have four options pretty much:

1. Use mitigations and run at 20% efficiency
2. Run without mitigations and leave your system wide open
3. Pay Intel $$$$$$$$$$$ for new CPUs that are not compatible with your current sockets
4. Pay AMD $$$$$ for new CPUs that are not compatible with your current sockets

Hmm, what is the best option here...
Posted on 20-03-13, 08:42
Custom title here

Post: #852 of 866
Since: 10-30-18

Last post: 2 days
Last view: 15 hours
4.

--- In UTF-16, where available. ---
Posted on 20-03-13, 15:45

Post: #253 of 266
Since: 10-29-18

Last post: 1 day
Last view: 2 hours
5. Use an older top-of-the-line CPU.

I'm still using my i7-4790K, which is €170 ($190) on ebay. It's comparable to a Ryzen 5 3600 in single-thread workloads.

My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
Posted on 20-03-13, 16:11
Not from my cellphone

Post: #638 of 664
Since: 10-30-18

Last post: 4 days
Last view: 4 hours
I'll keep disabling ALL and ANY mitigations on each and every computer I got under my responsibility, thanks.
Can't afford buying the hottest new broken piece of shiny CPU just because.

On the flip side, maybe all those vulnerabilities and mitigations will finally force the entire IT industry to solve the endless software bloat pandemic... who am I kidding!? Bring on teh Javascripts!

Licensed Pirate® since 2006, 100% Buttcoin™-free
Posted on 20-03-13, 20:32
Post: #135 of 136
Since: 11-01-18

Last post: 9 days
Last view: 5 hours
Is there proof these mitigations have impacts outside of data centers?
Posted on 20-03-17, 07:25
Post: #130 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by creaothceann
5. Use an older top-of-the-line CPU.

I'm still using my i7-4790K, which is €170 ($190) on ebay. It's comparable to a Ryzen 5 3600 in single-thread workloads.


That is actually 1 or 2, depending on if you want the mitigations or not.
Posted on 20-03-17, 17:26

Post: #257 of 266
Since: 10-29-18

Last post: 1 day
Last view: 2 hours
SGX was introduced with SkyLake, the 4790K is from the predecessor (Haswell).

My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
Posted on 20-03-25, 11:49

Post: #264 of 266
Since: 10-29-18

Last post: 1 day
Last view: 2 hours
Intel Software Guard Extensions have been removed for Rocket Lake-S.

My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
Pages: 1
Main » Discussion » Computer Security news
Kawa's Github