Scientists at the Graz University of Technology discover a new gap



[ad_1]

"NetSpectre" is a paradigm shift, according to the researchers, because the newly discovered vulnerability can also be exploited remotely over a network.

Meltdown and Specter are among the worst security holes found in recent years. From the first discoveries were scientists from the Technical University (TU) Graz involved. Now they go after. As Daniel Gruss, Moritz Lipp, Michael Schwarz and Martin Schwarzl discovered, there is another variant of previously unknown Specter, but this time it can be exploited via networks. NetSpectre does not require the prior download and execution of malicious code, nor the visit of a website manipulated by javascript to exploit this vulnerability. NetSpectre can no longer be used locally, but remotely. Scientists therefore call their results a "paradigm shift". With NetSpectre, it is possible to attack a much wider range of network devices

Dangerous, but slow

In a white paper published today [PDF] scientists describe their new ideas. Like other Spectrum Spaces, NetSpectre is primarily targeted against Intel processors. The manufacturer was informed in March of this year, but had several months to prepare.

However, the speed at which data can be stolen on a network using NetSpectre is very slow. According to the researchers, they are only 15 at a maximum of 60 bits per hour. However, in the near or distant future, new opportunities could be found to accelerate the extraction of foreign data. That is why companies should not make the mistake of taking NetSpectre too early.

[ad_2]
Source link