Quote:
Originally Posted by PaceAdvantage
...What is the real difference between this security hole, or a hole in Windows itself (which as we know, has had MANY), that allows a malicious actor to capitalize on said security hole?...
Why is it somehow different or cataclysmic this time around?
|
It's not an end of the world scenario.
But, to my way of thinking, it's nastier this time around because other than staying completely off the internet - there really isn't an ironclad way to protect yourself.
Or maybe it's been that way for a while and I am just now finding out about it.
Patching your own machine doesn't mean you aren't vulnerable. Using a machine with a non-Intel chip doesn't mean you aren't vulnerable.
Consider the comment that I quoted beneath the article at the following link:
https://seekingalpha.com/article/413...tary-indicates
Quote:
Dannotech
Comments (261) |+ Follow |Send Message
@Jbitzerjr
The way the attacks works is that I could, as a C++ developer, buy a subscription to Azure, write a simple program that does some data analytics in the cloud, load it with my exploit, upload that program to the Azure cloud and let it run. And even though it a purely user-mode application, it has access to the machine and is constantly scraping data from other client OS's on that machine by peeking into the Kernel memory without the datacenter having any knowledge that the attack is happening.
There is no telling who might be my virtual neighbors on that machine, but what if it's a bank's web sight? The attacker could easy scrape account numbers and passwords as users login.
So yea, this is way bigger than on-site bad actors.
|
Suppose for the sake of argument you are using a machine with an Intel chip that's been patched, or you are using a machine with an AMD chip that isn't vulnerable to the exploit -- and while browsing the web you visit a site hosted on a server that hasn't been patched and has one of the newer Intel chips subject to the exploit.
Also suppose for the sake of argument that I am a hacker, and that I am hosting a site on that same server - a site that you never even visit - and that as part of my site, I am running a web service I wrote for the sole purpose of harvesting keyboard characters keyed by visitors who are browsing all of the other sites hosted on that same server - including the site you went there to visit using your patched machine.
As soon as you log into that site: I am now in possession of your login credentials. Suppose for the sake of argument they are:
Quote:
username: johnsmith @ aol.com
password: jsmith_ #417
|
Let's further suppose that the site you were visiting is a horse racing message board and it just so happens that's the only site in the world where you are using username johnsmith @ aol.com with password jsmith_ #417.
So the only thing I as a hacker can do with those log in credentials is log into that site and make posts as you.
Like you said: No biggie.
But I'm guessing that if I am able to harvest enough username/passwords:
There are probably a LOT of john smiths out there who are using the same username/password across multiple sites -- including those where real money is handled... paypal, banks, brokerage houses, etc.
The difference here is that patching your own machine, or using a machine with a chipset that isn't vulnerable to the exploits doesn't protect you.
Unless you stay completely off the internet you are literally relying on all web hosts everywhere to maintain servers that have been patched.
Off the top of my head, I'm guessing something like 99.999% of all legitimate web hosts are going to patch their servers as soon as patches become available (and keep them patched.)
But I'm also guessing there are always going to be bad actors who will intentionally operate server farms on machines that are never going to be patched.
I'm also guessing these bad actors will be hosting sites on those machines where the sole objective is to entice as many john smiths as possible to visit, create an account, and log in -- in hopes of harvesting login credentials that can be used somewhere else.
Like I said, maybe it's been that way for a while and I am just now finding out about it.
To my way of thinking, because the only way to really protect yourself is to stay completely off the internet: These exploits seem like a very big deal.
-jp
.
