That title is a bit much but seriously, with hardware that can leak info like in this talk and others; Is there really any security?
How could stuff like this be mitigated?
How could stuff like this be mitigated?
You can't define security until you've defined your opsec.
Everything.What does opsec have to do with anything?
# sysctl kern.securelevel=1
.I think you have the wrong end of the stick there.That's the type of mentality that leads to massive exploits like these.
I think you have the wrong end of the stick there.
Anybody wanting to learn might benefit from this The OPSEC Process.
To think about security, you need to know: (a) what is it you are protecting, (b) who are the attackers, and what motivates them, (c) what is the cost of security being breached, compared to (d) what is the cost (both one-time and recurring) of maintaining security. If you look at this breakdown, you see that actually implementing security is the art of doing a compromise. One one extreme, one can run the system like some government labs do, no external network connections, no USB sticks in and out the door, and hire dozens of marines to protect the data center (those sites do exist, I've worked with projects where every sys admin has an assault rifle on their back). But that is expensive, and working in such an environment is slow and annoying and unproductive. On the other hand, you can just order a laptop from Dell, install Windows with the free virus scanner that comes with it. If it is just for just browsing the web and watching movies, this is sufficient and appropriate (just don't try to check your bank account from that machine).
This is by the way one of the disturbing aspects of the recent Meltdown and Spectre problems, also present in row hammer: It only allows software that is already running on *your* computer to spy on your data. These problems are not like a burglar, who comes to your house in the middle of the night, uses a brick to break a window, and then steals your jewelry from the bedroom dresser. The programs that could theoretically use meltdown/spectre/row-hammer have all been authorized to be started, by the owner of the system! Instead it's more like a person who you regularly invite to come to your house. Imagine you hire a plumber, but completely forget to authenticate the plumber (does he actually have a contractor's license, which would not be issued to a person who has a track record of theft and robbery), you don't supervise him when you send him upstairs to fix the bedroom sink, you leave your jewelry right on the bedroom dresser, open for everyone to see and take, and after the plumber leaves, you don't even check for a few weeks whether the jewelry is still there. Look at the context that's being discussed for these vulnerabilities, and they are often about running javascript in the browser, or sharing one server with many VMs without considering that information will leak. We (both as a society and as the computer industry) have not been thinking about what information actually needs to be protected (and what doesn't), what the cost of that protection is, and conversely what the benefit of convenience (like any web page can run anything in java or javascript) actually is. This is where the security debate really has to happen, not by crucifying Intel or Linux or Windows.
It wouldn't prevent it. Thinking that everything can be prevented is a common mistake. In this case what has been discovered is not something that can't be imagined and certainly one can have a relevant plan in place. In this case, if "security" is important enough, then the approach might be to save what you have. If security is not so important, then they might just continue as is and let insurance (or serendipity) take care of it.How would your opsec prevent any of this?
It wouldn't prevent it. Thinking that everything can be prevented is a common mistake. In this case what has been discovered is not something that can't be imagined and certainly one can have a relevant plan in place. In this case, if "security" is important enough, then the approach might be to save what you have. If security is not so important, then they might just continue as is and let insurance (or serendipity) take care of it.
Also, I might point out that the thread title says "what is security" and is not about what actual security measures one might take in any given situation. At least that's the assumption, regarding this thread, that I've been working under here.
The point of this thread was to bring up something more fundamental, when rowhammer became public and all those rowhammer based attacks were targeting everything from android to servers I though people would think about these issues more deeply.
Just ignoring it and trying to move on, how's that even a valid solution?