flat assembler
Message board for the users of flat assembler.

Index > Heap > sleepsleep's vitally important things

Goto page Previous  1, 2, 3 ... 232, 233, 234 ... 245, 246, 247  Next
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
sleepsleep wrote:
New AMD Side Channel Attacks Discovered, Impacts Zen Architecture
https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
Quote:

The researchers exploited the vulnerability via JavaScript run on Chrome and Firefox browsers, and also gained access to AES encryption keys. The exploit can also purportedly be used to penetrate cloud deployments in the data center. The paper suggests several possible remedies for the vulnerability through a combined software and hardware approach, but doesn't speculate on the performance hit associated with the suggested fixes.

All modern processors have vulnerabilities, they are the most complex devices designed by humankind, after all, so crafty researchers will continue to find holes in the architectures
The solution is simple, don't let random websites run code on your system. Disable JS.
Post 08 Mar 2020, 08:05
View user's profile Send private message Visit poster's website Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 706
Location: Belarus
DimonSoft
And uninstall all the web browsers and messengers. Otherwise the protection is not going to be efficient.
Post 08 Mar 2020, 08:32
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
revolution wrote:

The solution is simple, don't let random websites run code on your system. Disable JS.

you are cloning your system into my system, Very Happy

DimonSoft wrote:

And uninstall all the web browsers and messengers. Otherwise the protection is not going to be efficient.

someday, one company will create antivirus for processors, Very Happy
Post 08 Mar 2020, 15:23
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
here is one interesting idea,

the current conscious is holding views, lots of conclusions, it was mentioned that you are "fill in the blank" the moment you no longer hold any views, ideas, conclusions,

and it was mentioned that, such state is higher than your current state,

but such state is the cessation of your conscious which you yourself could no longer bear witness,

so, this is weird, you try so hard to evolve so that you don't have to be yourself? and become a non yourself?
Post 08 Mar 2020, 15:49
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
you got 72, and you are 72,
you are asked for next number,
Post 08 Mar 2020, 19:12
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
you could only have next number if you know previous number

3,6,18,72,

exactly the same situation with us right now, we could only know our next stage provided we could recall our previous state
Post 08 Mar 2020, 19:13
View user's profile Send private message Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 706
Location: Belarus
DimonSoft
sleepsleep wrote:
someday, one company will create antivirus for processors, Very Happy

Antiprocessor. Being something to work against physical objects it should somehow be related to antimatter.
Post 09 Mar 2020, 05:56
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
how we create our sperm right now is exactly how our father created us years ago,

the physical part of us were from that moment, cells, dna and etc hold something from that moment, from our parent, grandparents, grand grand and more,

the i probably fill in in later stage, the idea is like building a car,

the car must get assembled before a driver can drive it, whatever that happened from the sperm to egg, pregnant, till the baby born, and even till the state the baby can talk, we are not actually inside yet,

is after the petrol filled into, the start button pressed, then only the car is activated, the spark,

~

there are lots of preferences,

but if to let you choose an ant from many ants, which one will you choose?
zero preferences,

am not sure if the system intended us to have zero preferences, like viewing everything as if choosing an ant from all same ants,
Post 09 Mar 2020, 17:16
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
New flaw in Intel chips lets attackers slip their own data into secure enclave
https://techcrunch.com/2020/03/10/new-flaw-in-intel-chips-lets-attackers-slip-their-own-data-into-secure-enclave/

Quote:

But while Meltdown and Spectre were about forcing that leakage and collecting the data, LVI takes it a step further, letting the attacker place new values into the process so that it comes out the way they like it.

Post 10 Mar 2020, 23:25
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
AvastSvc.exe contains a full, unsandboxed JavaScript/DOM implementation (github.com)
https://github.com/taviso/avscript

Quote:

If you find a vulnerability, it is likely critical and wormable.


hello avast antivirus lol,

all kinds of big sofwares, high usage softwares, definitely have backdoors, all kind of agents, all countries secret agents working inside forbes 100 enterprises,
Post 11 Mar 2020, 11:02
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
AVs are the spyware. I think we covered that in the past. And since they run code from untrusted outside agents then people should be very concerned about the AV being compromised. Coupled with the fact that the AVs have system privileges the whole thing becomes a nightmare.

Personally, I used to use VirusTotal.com to let someone else run the code and see what they thought of it. But now it is all JS only and I gave up. Running JS code from an untrusted source (VT) in an effort to avoid running other code from an untrusted source (some random file) defeats the whole purpose. Sad

What a shambles many websites have become. SadSad
Post 11 Mar 2020, 11:24
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 1471
Furs
Just sandbox the browser. The chance that it will get compromised on top of that (plus the application you're scanning) is probably smaller than being struck by lightning.

And I haven't been struck by lightning yet. Don't plan to.
Post 11 Mar 2020, 16:07
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
IIRC sandboxes protect against data infiltration, but are open to exfiltration.

I think a full VM might be a better option, but they are cumbersome and annoying.

And there is still the problem of Meltdown etc., that use JS to exploit some flaw. VMs and sandboxes don't stop those.

But, still, why support sites that want to encourage users to be unsafe? I much rather just stop using it.
Post 11 Mar 2020, 16:26
View user's profile Send private message Visit poster's website Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 706
Location: Belarus
DimonSoft
revolution wrote:
And there is still the problem of Meltdown etc., that use JS to exploit some flaw. VMs and sandboxes don't stop those.

I’m still looking for a proof-of-concept for Meltdown that would work and give any interesting information.
Post 11 Mar 2020, 17:08
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 1471
Furs
revolution wrote:
IIRC sandboxes protect against data infiltration, but are open to exfiltration.

I think a full VM might be a better option, but they are cumbersome and annoying.

And there is still the problem of Meltdown etc., that use JS to exploit some flaw. VMs and sandboxes don't stop those.

But, still, why support sites that want to encourage users to be unsafe? I much rather just stop using it.
Most speculative execution attacks take a while before they leak any data. I'm assuming you use virustotal for a minute at most so you should be safe. Wink

They also use a lot of CPU usage so you can clearly see if they're doing something fishy by using a lot of CPU when "idle".
Post 12 Mar 2020, 14:01
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
thought about this word, existence, exists after tomasz thread,

and how we could define this word,

exists is interconnected with the word conscious, because exists is whatever that a conscious could and could not realize, recognize, etc

conscious is the ability to realize, aware, the ability to process info, conscious is i, the awareness of i itself, and through that, conscious beyond i and realize beyond i,

conscious is the loop that keep on checking for case,

~

yes, we could have infinite digit of numbers, infinite ideas, and probably infinite existence, infinite kinds of infinite,

after all, the only truth is everything change including the truth,
Post 12 Mar 2020, 16:31
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
Furs wrote:
Most speculative execution attacks take a while before they leak any data. I'm assuming you use virustotal for a minute at most so you should be safe. Wink

They also use a lot of CPU usage so you can clearly see if they're doing something fishy by using a lot of CPU when "idle".
Why are people so willing to bend over backwards just to use some website? The whole concept is broken. A website claiming to improve your security requires you to lower your security to use it. That sounds like Alice in wonderland to me.
Post 12 Mar 2020, 18:54
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
somehow this idea keeps on looping inside my conscious,

there are lots of belief out these, from some super tiny one to some very grand and huge generalization,

we know we can't take anything away from this life, except probably some memories, or maybe just nothing,

we said we know, we believe, but in reality, we don't,

we don't even realizing those words,

we still spending our limited hours to attach more things as if we could own them forever,

we are far from believe, far far away from holding those words as our core,

~

all experiences,

englightenment is like final generalizing, there is only unknown before 1 and 0 and unknown that cause 1 and 0,

~

what would happen to earth, and its population after 1000 years from today?

or 10,000 years, or 100,000 years,

~

what cause and spark intentions, ideas, desires etc,

it just funny how we could still continue living our days,
Post 12 Mar 2020, 20:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
sleepsleep wrote:
what would happen to earth, and its population after 1000 years from today?

or 10,000 years, or 100,000 years,
Life will adapt and endure. Even if humans die out or evolve into something new, as far as the planet is concerned, it is no big deal. Other life will emerge to replace us. Life goes on.
Post 12 Mar 2020, 20:50
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
where am i in year 2100? approximately 80 years from now?
would this board still around? fasm still around?

would all the people you love and hate still around?

still running windows 10?

intel or amd or arm? or tesla processor?

can everybody fly to moon?

10G network with integrated human skin smartphone?

collapse of all big generalization?

trump still stand as president?

no more cable and wireless charging become a norm?

too bad, not everybody can witness all these, what a pity
Post 13 Mar 2020, 03:06
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3 ... 232, 233, 234 ... 245, 246, 247  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.