Discover and read the best of Twitter Threads about #meltdown

Most recents (16)

Der Val3 fährt, aber Val2 nicht. Danke für nichts, jetzt muss ich immer mit den Schülern fahren.

Als ob in Wien-1 kein Bedarf wäre. Es ist so zum kotzen.
Jetzt wäre die Überlegung, die Jahreskarte inkl. NÖ zu kündigen, weil ohne Flughafenbus kommt die mir nicht mehr bedeutend billiger.
Ach ja, weiterhin 20min früher aufstehen und an Sonn und Feiertagen nur eine Verbindung.
Read 7 tweets
Mike Rothchild having a PANIC ATTACK TODAY 😂😂
Someone might want to screenshoot these tweets because I bet he takes them down. 😂😂#Meltdown #PsychWard
Read 4 tweets
.@Adamprice is completely wrong about livestock pasture. It is, in almost all cases, a net carbon source, not a sink:… #ClimateDebate
@Adamprice Hurray for Corbyn, promoting #rewilding!
@Adamprice Decarbonise all flights by 2040, @NicolaSturgeon?!! It's stupid, physically-impossible claims like this that create cynicism and confusion
Read 18 tweets
THREAD: Body Language Analysis No. 4401 Nancy Pelosi's and Donald Trump's 'Meltdown Meeting' #DonaldTrump
#NancyPelosi #Meltdown #MeltdownMeeting #NancysPoint #BodyLanguage #BodyLanguageExpert #Nonverbal #EmotionalIntelligence
1/ Earlier this week, a short, abbreviated analysis of this image was tweeted. What follows is a much more in-depth analysis of Donald Trump, Nancy Pelosi, and the others in the room.
2/ When a person has little or no empathy — and/or when they're far from their emotional baseline, their ability to interpret how others will view an event becomes dramatically distorted.
Read 63 tweets
𝗧𝗵𝗿𝗲𝗮𝗱 | 𝗧𝗵𝗲🍑𝗜𝗺𝗽𝗲𝗮𝗰𝗵𝗺𝗲𝗻𝘁 𝗼𝗳 𝗗𝗼𝗻𝗮𝗹𝗱 𝗝. 𝗧𝗿𝘂𝗺𝗽
Nancy Pelosi Announces Formal Impeachment Inquiry of Trump

🔗 #Trump #ImpeachTrumpNow #Resist #ImpeachTrump
Here’s a timeline of Trump’s Ukraine scandal. It’s damning.

🔗… #Trump #ImpeachTrumpNow #Resist #ImpeachTrump
Read 352 tweets
MORALE BOOST There is quite a bit of Remain despair on my timeline today… Don’t be down: the cabal is on the ropes, and we’re winning this. (short thread) #RuleOfLaw #JohnsonMustGo #JohnsonOut 😠✊🇪🇺🇪🇺🇪🇺🇪🇺🇪🇺
There is no room for complacency: we must focus and redouble the fight, but we’re now in the endgame of the disgraceful Johnson regime. They will try all the nasty tricks they can, but they are losing and they know it. #RuleOfLaw #JohnsonMustGo 🤓 🇪🇺🇪🇺🇪🇺
Consider: does a triumphant Prime Minister, in command of the agenda and masterfully executing his diabolical plans, have an angry meltdown in the voting lobby in Parliament..? 😃 #meltdown #JohnsonMustGo 🇪🇺
Read 12 tweets
[THREAD sorry]

So @smealum's #defcon #buttplug talk is done.

Piecing together what I can from slides posted to Twitter since going to Defcon would requires leaving the house.

AFAIK, our software is not affected by this specific exploit chain.

Info and some thoughts follow.
I will warn that this thread will be painfully technical.

If you're following me for intimate UI/UX contexts and don't wanna see a bunch of talk about OS API models and firmware and what not, feel free to mute this thread, I'll tag everything from here out with #meltbutt too.
So, to begin, an explanation of what's up:

@smealum presented today at @defcon 27, outlining a multi-exploit chain for Lovense toys, mostly between the Lovense electron app and their USB key, partially having to do w/ the firmware for the Nordic chip on the USB key.

Read 50 tweets
Speculative Side-Channel Attacks is misleading terminology and usually used incorrectly. We should all avoid using it and @intel, you should avoid using it too. Not only because it is misleading, but because it hinders successful communication on mitigations.
Let me elaborate:
A side-channel attack uses measurements of side effects to gather enough *meta data* (power consumption, runtime, cache state, etc) to *infer* secret information.
#meltdown #spectre #zombieload and related attacks and variants do not leak meta data. They leak the actual data.
There is no need to infer secret information from meta data, there is no meta data involved. Hence, they are *no side-channel attacks*.

"But they use flush+reload". Sure, but that doesn't make the attack a side-channel attack. Let's assume the following:
Read 11 tweets
From what I understand, the latest #OpenBSD vs #Intel thing went a little bit like that:
- OpenBSD: Can we be a part of this rumored Intel bug embargo?
- Intel: No. Go away.
- OpenBSD: dev do their homework, fix FPU bug, publish patch.
- Theo (at @BSDCan): we are worried, we don't have access to info. Please help us.
- Intel: publishes official advisory:…
Now everybody and their dogs are going crazy over #OpenBSD developpers doing their jobs , correcting stuff and "violating"an embargo... That they were *never* a part of. Because Intel did not want them to receive information!
Read 7 tweets
Quotable Quotes on #SoftwareTesting from this talk by @dakami at the inaugural DEF CON China. 1/?
"The goal of this talk is to connect a series of thoughts that you may never have thought were linked...Anything can be linked." 1:15
Read 44 tweets
The assumption "bug collisions are so common in all software that everyone should assume that for any bug disclosed, it's probably been found by attackers & exploited already" contrasts how scientific research works. Security research is no exception.
Bug & research "collisions" can happen due to lots of low-hanging fruit. It can also occur when researchers pay attention to reach other's work. I've discussed researcher "swarming" for years, & recently on stage at BlackHat this summer.
Bug collision or correlation rates for software that has a lot of bugs (bug dense, say, because of not being well-tested) will generally model higher bug collision rates than in software with low bug density. See slides #23-27 from my RSA talk in 2015.…
Read 17 tweets
Thread time! Why can't they just quickly patch #meltdown or #spectre and push out another cpu? Why could it possibly take years? Why don't they use AGILE or x/y/z? Lots of reasons:
(note: my goal is not to criticize chip manufacturers - it's to defend the constraints they have)
Let's start with a standard software product many are familiar with and work off that. First, every time you hit 'build' it's called a 'stepping', costs millions of dollars & takes several months. If you want a profitable product, you may only get 10 chances to press 'build'.
On top of that, half those 'builds' are not 'full layer steppings' meaning you can't change any logic gates, just how they're connected. Even with a full layer stepping you can't shuffle stuff around anywhere like you can with library files and whatnot.
Read 15 tweets
Here's my layman's not-totally-accurate-but-gets-the-point-across story about how  #meltdown & #spectre type attacks work:

Let's say you go to a library that has a 'special collection' you're not allowed access to, but you want to to read one of the books. 1/10
You go in and go to the librarian and say "I'd like special book #1, and the Sue Grafton novel that corresponds to the first letter of page 1 of that book." 2/10
The librarian dutifully goes and gets special book #1, looks at page 1, sees 'C', and also grabs 'C is for Corpse', and comes back to the desk, but does not show you the books. 3/10
Read 10 tweets
Here are a few insights on the #Meltdown and #Spectre vulnerabilities based on my recent @RANDCorporation research. /1…
First, this is yet another reminder that vulnerabilities can last a long time (our data showed vulnerabilities lasted 6.9 years before being publicly disclosed) and have a low chance of being discovered (5.7% per year). /2
But the #Meltdown / #Spectre news also has me thinking about a "swarm mentality" among hackers of all stripes after a vulnerability is disclosed. /3
Read 8 tweets
Explainer on #Spectre & #Meltdown:

When a processor reaches a conditional branch in code (e.g. an 'if' clause), it tries to predict which branch will be taken before it actually knows the result. It executes that branch ahead of time - a feature called "speculative execution".
The idea is that if it gets the prediction right (which modern processors are quite good at) it'll already have executed the next bit of code by the time the actually-selected branch is known. If it gets it wrong, execution unwinds back and the correct branch is executed instead.
What makes the processor so good at branch prediction is that it stores details about previous branch operations, in what's called the Branch History Buffer (BHB). If a particular branch instruction took path A before, it'll probably take path A again, rather than path B.
Read 28 tweets
Some of you might be hearing about #Spectre and #Meltdown today, which allow memory from other processes and the kernel itself to be read. They exploit CPU designs.

I'm still doing my reading, but a good place to start if you're technically inclined is
Spectre involves training the CPU to speculatively run invalid code in the victim's address space, and then using a side-channel (such as cache timings) to infer details about the victim's memory.

It affects at least AMD, Intel and ARM CPUs

The sample exploit reads 10KB/s.
Spectre also includes sample code for breaking out of the JavaScript sandbox on chrome.

It's very, very clever.
Read 10 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!