Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?



Massive chip flaw not limited to Intel
<https://www.axios.com/massive-chip-flaw-not-limited-to-intel-2522178225.html>

Intel is dealing with a major chip bug, but full impact unclear
<https://www.axios.com/intel-is-dealing-with-a-major-chip-bug-but-full-impact-unclear-2522162631.html>

How to protect your PC from the major Meltdown and Spectre CPU flaws
<https://www.pcworld.com/article/3245810/security/how-to-protect-your-pc-meltdown-spectre-cpu-flaws.html>

Mac and iPhone both affected by big chip vulnerability
<https://www.axios.com/apple-mac-and-iphone-both-affected-by-big-chip-vulnerability-2522548093.html>

How the Spectre CPU flaw affects phones and tablets
<https://www.pcworld.com/article/3245790/mobile/spectre-cpu-faq-phones-tablets-ios-android.html>

Google Project Zero: Reading privileged memory with a side-channel
<https://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html>

Intel's full statement:

Intel and other technology companies have been made aware of new security  
research describing software analysis methods that, when used for malicious  
purposes, have the potential to improperly gather sensitive data from  
computing devices that are operating as designed. Intel believes these  
exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a "bug" or a "flaw" and  
are unique to Intel products are incorrect. Based on the analysis to date,  
many types of computing devices - with many different vendors' processors  
and operating systems - are susceptible to these exploits.

Intel is committed to product and customer security and is working closely  
with many other technology companies, including AMD, ARM Holdings and  
several operating system vendors, to develop an industry-wide approach to  
resolve this issue promptly and constructively. Intel has begun providing  
software and firmware updates to mitigate these exploits. Contrary to some  
reports, any performance impacts are workload-dependent, and, for the  
average computer user, should not be significant and will be mitigated over  
time.

Intel is committed to the industry best practice of responsible disclosure  
of potential security issues, which is why Intel and other vendors had  
planned to disclose this issue next week when more software and firmware  
updates will be available. However, Intel is making this statement today  
because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply  
any available updates as soon as they are available. Following good  
security practices that protect against malware in general will also help  
protect against possible exploitation until updates can be applied.

Intel believes its products are the most secure in the world and that, with  
the support of its partners, the current solutions to this issue provide  
the best possible security for its customers.

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Fri, 5 Jan 2018 04:55:29 +0000 (UTC), Harry Newton wrote:


For example, my rooftop Ubiquiti Rocket M5 radio, running a variant of
Linux, uses the MIPS 74kc processor.

Anyone know if that's affected?

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?

Based on the same news reports you've probably seen...

These vulnerabilities only allow reading by unprivileged processes of
what should be protected (and unreadable) kernel memory, which, in
theory, might contain privileged information.  However, the attacks require
the attacker to run code on the machine in question.

That might, in theory, be done via a web browser if it runs code from a
malicious web site, though I think doing that and getting anything
useful would be hard.  The case of cloud computing is a more likely
attack platform, since a legitimate customer might be able to obtain
information about other customers running on the same machine.

I don't see these being an issue for routers, regardless of what chip
they use.  To the extent routers even have a kernel, I don't think
there's all that much privileged information in it, and if your router
is already compromised enough that an attacker can run code on it at
all, you've already lost.
 -WBE

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Fri, 05 Jan 2018 01:56:13 -0500, Winston wrote:


Thanks for that advice.

I've since found out the following from alt.os.linux ...  

From http://cdn2.imgtec.com/documentation/MD00496-2B-74KC-DTS-01.07.pdf :

| Superscalar core

Probably vulnerable to Spectre variant 1.

| 64-entry (4-way associative) jump register cache to predict target for
| indirect jumps.

Probably vulnerable to Spectre variant 2.

Meltdown is harder to assess, that will require either actual
experimentation or a manufacturer statement.


There is no reason to think single-threaded devices are unaffected.


Sort-of true; these issues won+IBk-t normally represent a directly
exploitable vulnerability on such devices but they will undermine
internal protections.
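
A defensive check for the question asked in this thread, added here as an example and not part of any poster's message: Linux kernels that carry the Meltdown/Spectre patches report per-issue status in files under /sys/devices/system/cpu/vulnerabilities. The function names and the VULN_DIR override are assumptions of this example; a device whose kernel lacks the directory is reported as "no data", not as safe.

```shell
#!/bin/sh
# Added example (not from the thread). VULN_DIR can be overridden so the
# logic can be run against constructed sample files.
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# classify "<status line>" -> not-affected | mitigated | vulnerable | unknown
# Anything the script does not recognise is "unknown", never "safe".
classify() {
    case "$1" in
        "Not affected"*) echo not-affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report <dir>: one "name<TAB>class<TAB>raw status" line per issue.
# Exit status: 0 = nothing vulnerable/unknown, 1 = something is,
#              2 = no data (the kernel does not report any status).
report() {
    _dir="$1"
    if [ ! -d "$_dir" ]; then
        echo "no-data: $_dir missing; this kernel reports no status"
        return 2
    fi
    _rc=0
    for _f in "$_dir"/*; do
        [ -f "$_f" ] || continue
        _raw=$(cat "$_f")
        _cls=$(classify "$_raw")
        printf '%s\t%s\t%s\n' "${_f##*/}" "$_cls" "$_raw"
        case "$_cls" in vulnerable|unknown) _rc=1 ;; esac
    done
    return "$_rc"
}

# Run against the live system; "||" keeps a non-zero status from aborting.
report "$VULN_DIR" || echo "report exit status: $?"
```

An exit status of 2 is the expected result on firmware built on an older kernel, in which case only the vendor's statement or the core's documentation answers the question.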



Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
In alt.internet.wireless,

I would like to repeat Harry's point here.  


Are you posting in UTF-7? I didn't see a charset header, and I don't
know if I've ever seen UTF-7 "in the wild".

Elijah
------
just in staged examples

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?

Javascript in browser attacks have been demonstrated.

http://www.tomshardware.com/news/meltdown-spectre-exploit-browser-javascript,36221.html

Specifically mentioning Edge, Firefox, Chrome, and Safari. That's most
of the browser market.

This page has more details about javascript exploits:

https://www.react-etc.net/entry/exploiting-speculative-execution-meltdown-spectre-via-javascript

Elijah
------
Opera? I hardly know her.

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
I previously posted:


That was an interesting article, and it led to another interesting
article, so thanks for the link.  I saw Javascript exploits, but, based
on the summary of the fixes Google recommended, they struck me more as
plain old ordinary Javascript exploits, not ones specifically reliant on
Spectre or Meltdown, though there may now be additional ways of taking
advantage of the exploits.  Maybe I misread...

The key new thing described there that differed from what I'd read
before was that Spectre can not only access kernel memory (where maybe
there's something interesting in the probed area, maybe not), but also
data from other applications, including other parts of the same
application (to violate sandboxing).



Unfortunately, that URL isn't working for me at the moment: no peer
certificate or client certificate name.
 -WBE

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?

I get a Comodo cert for a Cloudflare server. It has about twenty to
thirty SAN names, "not valid before" 26 Nov 2017 (which might or might
not be issue date), and valid till 4 June 2018.

Elijah
------
viewed the cert in Firefox

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Fri, 05 Jan 2018 01:56:13 -0500, Winston wrote:


Great description here:
https://meltdownattack.com/

Paraphrased:

Meltdown melts security down between program and hardware.
Spectre speculative execution tricks program access to app memory.

Lots of detail, papers, links for every operating system, etc.

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?

Seconded.  For the technically inclined, it also links to

https://googleprojectzero.blogspot.co.at/2018/01/reading-privileged-memory-with-side.html

entitled "Project Zero: Reading privileged memory with a side-channel".

That one I'm still reading...
 -WBE

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
I previously posted:


Now that I've read the whole thing...

It reminds me of the concerns government agencies had about using any
sort of time sharing operating system for classified material.
NSA-provided mods to Solaris to produce Secure Solaris, for example,
worried a lot about ways code on the trusted side might be able to
signal a process on the untrusted side and thereby leak data.  Made-up
examples might be changing some device state or framebuffer pixel in
some way that the unsecure process could detect, or varying the
scheduling of a process, or the amount of memory in use, etc.  The
general idea has been around for decades -- a spy who goes for coffee
every morning before work, but whose wristwatch is very accurately set,
so that walking through the door at 09:00:00 means something different
than at 09:00:10 to the guy across the street who also has a watch
accurately set, but looks the same to anyone else.

The general idea was simply that getting a few bits at a time out was
sufficient, and here, with Meltdown and Spectre, attackers not only can
get data out, they don't even have to run anything on the secure side to
do it.
 -WBE

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Fri, 5 Jan 2018 04:55:29 +0000 (UTC), Harry Newton


I don't know, yet.

With all the conflicting reports, pronouncements, opinions, and
pontifications, it's going to be a while before we know for sure.
Eventually, the testing will get down to the imbedded devices.  Then,
we can discuss whether your HVAC thermostat, smartphone, wireless
keyboard, and smart coffee maker are affected.

It's been interesting watching Intel and friends change their tune
overnight.  At first, they tried to minimize the potential damage by
claiming that only a few devices were affected.  AMD and ARM also
initially claimed their chips were immune.  Most of that sounded like
the PR (public relations) department, not engineering or management. A
few days later, it seems that everything is affected in some manner
and degree.  Allegedly, the latest chips are ok, while older chips and
blade servers will see a 30% performance hit.  We'll see as testing
continues.

What I find amusing is that Intel, Microsoft, and computah vendors can
easily turn this mess into a huge sales effort.  If the proposed fixes
really do ruin performance, all they have to do is suggest that a
shiny new machine, with the latest fixed CPU, is the only guarantee
that you don't have any vague and unspecified vulnerabilities and
problems.  I suspect Microsoft will cooperate by making their patches
and fixes produce minimal slowdowns for the latest OS released, and
dramatic slowdowns in progressively older equipment.  The various
competitors will say nothing because they also stand to profit from
the FUD (fear, uncertainty, doubt).  I watched it happen in 1999
during the Y2K debacle, where huge amounts of equipment and upgrades
were sold on the basis of not taking any unnecessary risks.

<https://access.redhat.com/security/vulnerabilities/speculativeexecution>
<https://access.redhat.com/articles/3307751>
<https://meltdownattack.com>

Also, it's not that there aren't any other products that have unfixed
vulnerabilities:
<https://secuniaresearch.flexerasoftware.com/community/advisories/>


--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
wrote:



<https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>
Very good article on how Spectre and Meltdown actually work by the
founder of Raspberry Pi, Eben Upton.

--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Fri, 05 Jan 2018 15:34:28 -0800, Jeff Liebermann wrote:


Hi Jeff,
That has to be the single most enlightening (easily understood!) article on
the planet for this issue!

Thank you. Thank you. Thank you. Thank you.

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Sat, 6 Jan 2018 02:55:38 +0000 (UTC), Harry Newton



Yep.  Even I can understand it.


I had nothing to do with the article except that I found it with
Google.  

I get email from a former client asking if something I worked on 17
years ago might be vulnerable.  Why me?  Because everyone else on the
design end of the project has either retired, disappeared, gone
senile, or not kept up to date.

The whole mess reminds me of a local (name withheld) personality who
built a very expensive house in the area.  The house was the best that
his money could buy.  Unfortunately, a few years later, he discovered
that the site preparation was badly done and the foundation was
crumbling.  Fixing the foundation was VERY expensive.

For your amusement, Intel and others are pushing 802.11ax:
<http://maxwifi.org>
<https://www.forbes.com/sites/moorinsights/2018/01/04/802-11ax-is-coming-from-intel-in-2018/>
<https://www.digitaltrends.com/computing/802-11ax-wi-fi/>
Everything you know is wrong and everything you own is obsolete.  To
keep up to date, all you need to do is blow about $400 for the latest
greatest routers.  In theory, it can work up to 3.5Gigabits/sec by
simply monopolizing most of the 5GHz band:
<http://maxwifi.org/how-max-works/#speed-enhancements>
It also does seamless roaming, fast connect, predictive handoff, and
cook your breakfast.  I've heard this all before, but maybe they can
make it all work together this time.  The problem with previous
incantations is that no sooner is a seamless roaming protocol
published, that it is found not to work with a new, improved, and
allegedly unrelated comm or mesh protocol usually published AFTER the
seamless roaming protocol.


--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: Anyone know if the massive CPU flaw (Meltdown & Spectre) are in our WiFi devices?
On Sat, 06 Jan 2018 10:53:49 -0800, Jeff Liebermann wrote:


On that note, I've been tinkering with the idea of replacing my Rocket M5
(which replaced my Rocket M2 which replaced my NanoBridge 2.4GHz which
replaced my Bullet HP M2) with a Rocket "ac" radio in the Santa Cruz
Mountains.

My local small-town WISP says that will improve my noise, which is kind of
high at -88dBm (signal is good though, at about -60dBm) and hence improve
my speeds.

Do you agree?
