0 users browsing Discussion. | 3 bots  
    Main » Discussion » Computer Security news
    Pages: 1
    Posted on 19-12-02, 09:19
    Full mod

    Post: #370 of 443
    Since: 10-30-18

    Last post: 853 days
    Last view: 50 days
    Today I came across https://www.wicar.org/ which aims to be like the old EICAR anti-virus test file. In their own words:

    The name "WICAR" is derived from the industry standard EICAR anti-virus test file, which is a non-dangerous file that all anti-virus products flag as a real virus and quarantine or act upon as such.

    By being able to execute a test virus program safely, the end user or network administrator can ensure that the anti-virus software is correctly operating (without utilising a real virus which may damage the system should the anti-virus software fail to function).


    That makes a lot of sense! There's a lot of malware-filtering tools, and it's good to have a harmless test site for them, for all the same reasons it's useful to have a harmless test "virus".

    The wicar.org website contains actual browser exploits, therefore, regardless of search engine, web browser, filtering appliance or desktop anti-virus product you use, it should be marked as malicious.


    what

    I thought you said "harmless"!

    The ending of the words is ALMSIVI.
    Posted on 19-12-02, 11:27 (revision 1)
    Stirrer of Shit
    Post: #694 of 717
    Since: 01-26-19

    Last post: 1516 days
    Last view: 1514 days
    They are indeed harmless:
    We have tested all the modules in our lab and confirmed them as working. Your mileage may vary however, depending on software version, configuration changes, service pack, operating system release and processor architecture, and may result in either:
    * Your browser exiting and opening the Windows calculator (vulnerable). [demonstration video - youtube]
    * Your browser opening the file and nothing happens (patched / immune).
    * Your browser displaying an error message or crashing (vulnerable but your system does not match the correct exploit conditions).


    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 20-03-06, 06:13
    Post: #344 of 426
    Since: 10-30-18

    Last post: 251 days
    Last view: 14 days
    More Intel security issues: https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html

    AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
    Posted on 20-03-06, 10:26
    Custom title here

    Post: #849 of 1149
    Since: 10-30-18

    Last post: 5 days
    Last view: 3 days
    Posted by Nicholas Steel
    More Intel security issues: https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html
    Hooray total Management Engine takeover!


    --- In UTF-16, where available. ---
    Posted on 20-03-07, 16:13 (revision 2)
    Post: #346 of 426
    Since: 10-30-18

    Last post: 251 days
    Last view: 14 days
    AMD has 2 newly discovered security flaws with their CPU's:
    https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
    https://mlq.me/download/takeaway.pdf

    AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
    Posted on 20-03-07, 16:49
    Dinosaur

    Post: #636 of 1280
    Since: 10-30-18

    Last post: 7 days
    Last view: 3 hours
    Posted by Nicholas Steel
    AMD has 2 newly discovered security flaws with their CPU's:
    https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
    https://mlq.me/download/takeaway.pdf

    Is it time to short AMD stock again!?

    Can we just assume that each and every piece of silicon ever designed is flawed and not bother looking for logo-and-name™ vulnerabilities anymore!?
    This is getting boring, like Boeing planes and coronavirus.

    Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™
    Posted on 20-03-11, 08:32
    Post: #349 of 426
    Since: 10-30-18

    Last post: 251 days
    Last view: 14 days
    https://www.theregister.co.uk/2020/03/10/lvi_intel_cpu_attack/

    new Intel security leak, potentially big performance impact when mitigated.

    AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
    Posted on 20-03-12, 01:11
    Post: #58 of 60
    Since: 10-29-18

    Last post: 1395 days
    Last view: 1316 days
    I'm okay with the fancy names and mascots and shit for a whole family of vulnerabilities (e.g., if "spectre" referred to the whole family of speculative execution vulns), but yeah, it gets pretty old when they come up with scary names for stuff that's only really feasible for highly sophisticated (probably nation-state) attackers who have physical access to your machine.
    Posted on 20-03-12, 18:48

    Post: #153 of 175
    Since: 10-30-18

    Last post: 1203 days
    Last view: 1203 days
    Posted by hunterk
    I'm okay with the fancy names and mascots and shit for a whole family of vulnerabilities (e.g., if "spectre" referred to the whole family of speculative execution vulns), but yeah, it gets pretty old when they come up with scary names for stuff that's only really feasible for highly sophisticated (probably nation-state) attackers who have physical access to your machine.

    Let’s not pretend. It’s a protection racket. “Here’s a big, scary computer thing that you don’t understand. Pay our security team and you needn’t worry!”
    Posted on 20-03-13, 00:24 (revision 1)

    Post: #65 of 105
    Since: 11-13-19

    Last post: 1213 days
    Last view: 1213 days
    Posted by Nicholas Steel
    AMD has 2 newly discovered security flaws with their CPU's:
    https://www.tomshardware.com/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
    https://mlq.me/download/takeaway.pdf


    Take A Way exploits only leak a "few bits of metadata," as opposed to providing full access to data

    Yeah, so nation state level attacker can spend multiple days whacking away at your computer with full local access, to retrieve a few kilobytes of metadata.

    Posted by Nicholas Steel
    https://www.theregister.co.uk/2020/03/10/lvi_intel_cpu_attack/

    new Intel security leak, potentially big performance impact when mitigated.


    It already does have a big performance impact, on the order of reducing performance to between 8 and 20% of the original performance. No, not reducing by that much, reducing it *to* that much:

    https://www.phoronix.com/scan.php?page=article&item=lvi-attack-perf#=1
    Posted on 20-03-13, 08:30
    Post: #127 of 202
    Since: 11-24-18

    Last post: 145 days
    Last view: 35 days
    Posted by kode54

    It already does have a big performance impact, on the order of reducing performance to between 8 and 20% of the original performance. No, not reducing by that much, reducing it *to* that much:

    https://www.phoronix.com/scan.php?page=article&item=lvi-attack-perf#=1


    Only light in the tunnel is that this does not affect newer Intel CPUs at all, so you have four options pretty much:

    1. Use mitigations and run at 20% efficiency
    2. Run without mitigations and leave your system wide open
    3. Pay Intel $$$$$$$$$$$ for new CPUs that are not compatible with your current sockets
    4. Pay AMD $$$$$ for new CPUs that are not compatible with your current sockets

    Hmm, what is the best option here...
    Posted on 20-03-13, 08:42
    Custom title here

    Post: #852 of 1149
    Since: 10-30-18

    Last post: 5 days
    Last view: 3 days
    4.

    --- In UTF-16, where available. ---
    Posted on 20-03-13, 15:45

    Post: #253 of 448
    Since: 10-29-18

    Last post: 35 days
    Last view: 6 hours
    5. Use an older top-of-the-line CPU.

    I'm still using my i7-4790K, which is €170 ($190) on ebay. It's comparable to a Ryzen 5 3600 in single-thread workloads.

    My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
    Posted on 20-03-13, 16:11
    Dinosaur

    Post: #638 of 1280
    Since: 10-30-18

    Last post: 7 days
    Last view: 3 hours
    I'll keep disabling ALL and ANY mitigations on each and every computer I got under my responsibility, thanks.
    Can't afford buying the hottest new broken piece of shiny CPU just because.

    On the flip side, maybe all those vulnerabilities and mitigations will finally force the entire IT industry to solve the endless software bloat pandemic... who am I kidding!? Bring on teh Javascripts!

    Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™
    Posted on 20-03-13, 20:32
    Post: #135 of 202
    Since: 11-01-18

    Last post: 412 days
    Last view: 45 days
    Is there proof these mitigations have impacts outside of data centers?
    Posted on 20-03-17, 07:25
    Post: #130 of 202
    Since: 11-24-18

    Last post: 145 days
    Last view: 35 days
    Posted by creaothceann
    5. Use an older top-of-the-line CPU.

    I'm still using my i7-4790K, which is €170 ($190) on ebay. It's comparable to a Ryzen 5 3600 in single-thread workloads.


    That is actually 1 or 2, depending on if you want the mitigations or not.
    Posted on 20-03-17, 17:26

    Post: #257 of 448
    Since: 10-29-18

    Last post: 35 days
    Last view: 6 hours
    SGX was introduced with SkyLake, the 4790K is from the predecessor (Haswell).

    My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
    Posted on 20-03-25, 11:49

    Post: #264 of 448
    Since: 10-29-18

    Last post: 35 days
    Last view: 6 hours
    Intel Software Guard Extensions have been removed for Rocket Lake-S.

    My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10
    Posted on 20-06-10, 07:06 (revision 1)
    Post: #365 of 426
    Since: 10-30-18

    Last post: 251 days
    Last view: 14 days
    https://arstechnica.com/information-technology/2020/06/new-exploits-plunder-crypto-keys-and-more-from-intels-ultrasecure-sgx/

    2 new exploits for Intel CPU's. One of them defeats SGX and the othre proves disabling hyperthreading doesn't improve security as much as people thought.

    AMD Ryzen 3700X | MSI Gamer Geforce 1070Ti 8GB | 16GB 3600MHz DDR4 RAM | ASUS Crosshair VIII Hero (WiFi) Motherboard | Windows 10 x64
    Pages: 1
      Main » Discussion » Computer Security news
      Yes, it's an ad.