Hey, I know this one!
I actually do!
I live in Wichita and just so happen to have seen that sign and yes, it was broken when I saw it too.
This was taken back on April 6th 2019, they should really sort out their software on this thing.
7 publicly visible posts • joined 8 Apr 2016
I don't know Spectre stuff very well but from what I understand this isn't about ASLR like the other commenter was saying but about making the JavaScript JIT that is included in Google Chrome avoid generating code that could be abused for speculative execution or generate some speculative execution barrier in the vulnerable parts. This is because JavaScript gets compiled to assembly for performance instead of being interpreted. Chrome's JIT implementation (called V8) had the possibility to JIT code that could be abused to do timing attacks against some address and figure out either if there was anything mapped there or if some data they predicted would be there.
As for your comment on process isolation, I believe it's because Spectre was never about getting info from other SEPARATE processes. It was about getting info from mapped pages that weren't readable to the current process. Like ring-0 code reading something vs ring-3 code reading something. As long as none of the other pages from that process were mapped into memory of the second process then I don't think Spectre affects things like this. The reason Chrome does process isolation is so that if someone gets code execution in a rendering process or such then it won't be able to read things like cookies or the page contents of sites that weren't from the same origin as that rendering process.
That's not how KASLR works in any implementation and for good reason.
Before the kernel begins executing it's totally feasible to relocate it, but after the kernel starts running the kernel can't be moved without breaking any pointer it has to itself.
Also think of the performance hit. Even if the kernel is only a couple megabytes big with drivers added that's still a large amount of data that needs to be moved every so often.
Also how often would you move the kernel around?
Even if you solve all of those problems that doesn't even help, because all an attacker has to do is use whatever address leak exploit they were using in the first place just later in the exploit chain so that it will still be correct whenever the exploit actually uses it.
KASLR is just supposed to make it so that the address isn't predictable without leaking its address somehow, not to prevent leaks from permanently disclosing the kernel location.
From what I understand, here is what happened.
Linus first noticed a bug that was a side effect of this underlying error and attempted to fix it. He rolled it back due to the S/390 build failing and just said screw it since the bug he was experiencing wasn't actually doing anything bad at the time. This was all before Copy On Write was implemented into the kernel so there wasn't any vulnerability yet. Fast forward 10 years and COW is now implemented in the kernel around this buggy code. Someone found the bug and used it in combination with COW to produce this exploit in the wild. Then it was noticed and patched. I don't think Linus would have just let a bug like that sit for 10 years unless it was pretty trivial and at the time couldn't cause anything malicious.
I wouldn't say it's been abandoned ages ago.
According to the Nexus 7 (2012 edition)'s Wikipedia page the device is upgradable to 5.1.1 Lollipop and CyanogenMod is still providing updates for it. (granted not for Marshmallow but since it is still getting the nightly builds it's possible for it to get Marshmallow)
Whenever I read about browser market shares I wonder how accurate the measurements are. I guess it just depends on what the site is and thus the people that are visiting it. Even sites like this that collect data from thousands of websites are probably off by quite a bit.
In a lot of the other articles that I've seen it always seems that Chrome is on top followed by Firefox or IE. Just as an example, if you google "browser market share" and click the first link you get this article's source, which says that IE is neck and neck with Chrome. While if you click the second or third link you will see Chrome dominating with Firefox and IE fighting for second.
Just from exploring the other links I've started to see that trend again of Chrome then Firefox/IE. Judging from the majority rather than just one I'd probably say that Chrome really is on top and from the looks of it by quite a considerable amount, not that that can't change pretty quickly though.
It's not that this article is necessarily wrong, it's just that it's a bit of an oddity compared to the rest and as such I kinda question if its source is very accurate.