this post was submitted on 13 Aug 2023
976 points (99.0% liked)

Technology

59673 readers
2917 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Oh no.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Espi@kbin.social 43 points 1 year ago (2 children)

All these kind of CPU level vulnerabilities are the same, they are only really "risky" if there is malicious software running in the computer in the first place.

The real problem is that these CPU-level vulnerabilities all break one of the core concepts of computers, which is process separation and virtual memory. If process separation is broken then all other levels of security become pointless.

While for desktops this isn't a huge problem (except when sometimes vulnerabilities might even be able to be exploited though browsers), this is a huge problem for servers, where the modern cloud usually has multiple users in virtual machines in a single server and a malicious user could steal information across virtual machines.

[โ€“] towerful@reddthat.com 31 points 1 year ago* (last edited 1 year ago)

Your first paragraph isn't quite right.
Modern hacks/cracks aren't a "do this and suddenly you are in" type deal.
It's a cascade chain of failures of non-malicious software.
Saying "don't have a virus" is absolutely correct, however that's not the concern here.
The concern is about the broadening of the attack surface.

A hacker gets minor access to a system. Leverages some CVE to get a bit more access, and keeps poking around and trying CVEs (known or unknown) until they get enough access to run this CVE.
And then they can escape the VM onto the host or other VMs on the same system, which might then give them access to a VM on another host, and they can escape that VM to get access to another VM, and on and on.

Very quickly, there is a fleet of VMs that are compromised. And the only sign of someone poking around is on the first VM the hacker broke into.
All other VMs would be accessed using trusted credentials.

ETA:
Infact, it doesn't even need to be a hacker.
It could be someone uploading a CI/CD task using their own account. It extracts all API keys, usernames and passwords it can find.
Suddenly, you have access to a whole bunch of repositories and APIs.
Then you can sneak in some malicious code to the git repo, and suddenly your malicious code is being shipped within legit software that gets properly signed and everything.