Risky Business #482 -- Meltdown and Spectre coverage without the flappy arms

Matt "pwnallthethings" Tait helps us understand these interesting flaws...
10 Jan 2018 » Risky Business

On this week’s show Matt “pwnallthethings” Tait joins us to walk through the so-called Meltdown and Spectre bugs. Most of the coverage of the flaws has either been massively hyped or detail-free, and Matt pops by to untangle the whole mess. He does a great job of it, too.

This week’s show is brought to you by Cylance. CTO Rahul Kashyap will be along in the sponsor chair to talk about why so many AV packages were causing Windows boxes to BSOD when Microsoft pushed its Meltdown patch.

Adam Boileau is back in the news hotseat, and boy oh boy do we have a lot to cover. Show notes are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

Intel CEO sold all the stock he could after Intel learned of security bug | Ars Technica
Bad docs and blue screens make Microsoft suspend Spectre patch for AMD machines | Ars Technica
MacOS LPE Exploit Gives Attackers Root Access | Threatpost
Project Zero: aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript
NSA contractor pleads guilty to charge of hoarding troves of classified docs - Cyberscoop
The Wassenaar Arrangement's latest language is making security researchers very happy
White House Bans Staff From Using Personal Mobile Phones at Work - Bloomberg
New Rules Announced for Border Inspection of Electronic Devices | Threatpost
Facebook Is Disrupting North Korean Hacking Operations - Motherboard
Game-changing attack on critical infrastructure site causes outage | Ars Technica
I’m harvesting credit card numbers and passwords from your site. Here’s how.
Man's Life Savings Stolen from Hardware Wallet Supplied by a Reseller - Bitcoin News
Electrum Wallet Keys Could Be Snatched by Malicious Websites - Inside Bitcoins
Mailgun Security Incident and Important Customer Information
Reddit admits its email provider was hacked to steal Bitcoin Cash tips
Oracle app server hack let one attacker mine $226,000 worth of cryptocoins | Ars Technica
Jailed Russian says he can prove hack of DNC on Kremlin's orders
Hackers take control of security firm’s domain, steal secret data | Ars Technica
How Kaspersky’s Software Fell Under Suspicion of Spying on America - WSJ
“Political pressure” reportedly kills Huawei/AT&T smartphone deal | Ars Technica
Snowden’s App Probably Can’t Protect You From Targeted State Surveillance - Motherboard
Twitter Promoted a Tweet That Steals Your Credit-Card Details
Ukrainian hackers turn on own government to make it care about cybersecurity - Euromaidan Press
What Happens If Russia Attacks Undersea Internet Cables | WIRED
Cyxtera Technologies to acquire offensive cyber firm Immunity
Full Disclosure: CVE-2017-15944: Palo Alto Networks firewalls remote root code execution
Ruben Berenguel, PhD on Twitter: "We’ve seen CPU usage go from ~20% to ~40% (and now critical machines with redundancy upscale under loads that before didnt made them blink). Costs this month in AWS will go up 10%, I predict (very least, haven’t checked EMR effect yet, if similar, 20-30%) #spectre #meltdown #fb"
A collection of links to PDFs of papers on Micro-Architectural Attacks (sorted by date) by Paul Harvey - kernel, vulnerabilities, meltdown | Peerlyst
Joanna Rutkowska on Twitter: "@tehjh @anders_fogh Something much simpler than what you did :) See below. This is part of the work Rafał Wojtczuk and I did back in 2010. It's no longer under… https://t.co/HFkUelrPBn"
CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility
Cylance | Meltdown and Spectre Vulnerabilities