Dedupe, dedupe, dedupe dedupe dedupe... Who snuck in to attack Microsoft Edge?

Linux

Awaiting a "fix" from MSFT...

No mention of other systems though... are BSD, Linux, OSX etc. typically vulnerable? What about security orientated OSs like Qubes? Passing reference to "cloud" so can Xen be pwned/escaped from within a browser?

3
2
Silver badge

Re: Awaiting a "fix" from MSFT...

>What about security orientated OSs like Qubes?

What about security orientated OSs like OpenBSD?

FTFY

1
5
Linux

Re: Awaiting a "fix" from MSFT...

Steady on Hans! I did mention BSD - but it's really just a more security conscious general purpose OS - not playing in the same league of security obsession as Qubes (or Whonix and whatnot...).

The report does state:

"On Linux, memory deduplication is known as kernel same page merging (KSM). The implementation operates differently compared to Windows, combining both scanning and merging operations in periodic and incremental passes over physical memory"

...but doesn't give an obvious statement on whether or not that's a good thing as far as this attack is concerned. Still reading...

Edit: Not sure why asking a question would earn us each a downvote... Has RICHTO stopped to pay us his respects?

6
2
Bronze badge

Re: Awaiting a "fix" from MSFT...

This isn't a Microsoft problem; this is a computer theory problem (there are many of these) which can be alleviated by the operating system. In this case, the problem is how memory itself is deduped, stored and secured.

It's likely other operating systems will find the same or similar problems since all use deduplication to handle data. Not only in memory, but on permanent storage media as well. Pointers instead of duplicate information are used all over the place to save time and space.

3
2
Silver badge

Re: Awaiting a "fix" from MSFT...

"Edit: Not sure why asking a question would earn us each a downvote.."

Standard thing. I think one person spends their entire day down voting.

7
2
Silver badge
Happy

Re: Awaiting a "fix" from MSFT...

See, I rest my case.

4
0
Linux

Re: Awaiting a "fix" from MSFT...

It seems that "KSM" (Kernel Samepage Merging) is typically disabled by default on Linux distros. It's enabled and tuned by a package called... somewhat unsurprisingly... "ksmtuned"

You can check with:

cat /sys/kernel/mm/ksm/run

"1" being "enabled" and "0" "disabled" - obviously.

http://blog.siphos.be/2013/05/enabling-kernel-samepage-merging-ksm/

1
0
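An added example, not part of the comment above: a small shell function that reads the same sysfs directory and separates the cases the single `run` value hides. Writing `0` to `run` stops the scanner but leaves already-merged pages merged, and `2` stops it and unmerges them. The function name `ksm_state` and its state labels are made up for this example; the optional directory argument exists only so it can be pointed at a constructed test directory.

```shell
#!/bin/sh
# Added example: classify the KSM state of a host from its sysfs files.
# ksm_state and the labels it prints are illustrative names, not a real tool.

ksm_state() {
    dir="${1:-/sys/kernel/mm/ksm}"

    # No readable "run" file: kernel built without KSM support.
    if [ ! -r "$dir/run" ]; then
        echo "unsupported"
        return 0
    fi

    run=$(cat "$dir/run")

    # pages_sharing counts how many page mappings currently point at
    # deduplicated pages; it can be non-zero even when the scanner is off.
    sharing=0
    if [ -r "$dir/pages_sharing" ]; then
        sharing=$(cat "$dir/pages_sharing")
    fi

    case "$run" in
        1) echo "enabled" ;;                 # ksmd scanning and merging
        2) echo "unmerging" ;;               # ksmd stopped, merged pages being split
        0)
            if [ "$sharing" -gt 0 ]; then
                echo "stopped-but-merged"    # scanner off, old merges still live
            else
                echo "disabled"              # scanner off, nothing merged
            fi
            ;;
        *) echo "unknown" ;;
    esac
}

# Report the state of the running system (or of a directory given as $1).
ksm_state "$@"
```
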

Re: Awaiting a "fix" from MSFT...

What about ECC RAM?

3
0
Silver badge

Re: Awaiting a "fix" from MSFT...

All operating systems are affected by this, because Rowhammer is a hardware exploit, not a software exploit. Running on a computer system without ECC memory is what makes an operating system most vulnerable, and the Google team who documented Rowhammer made a veiled comment that Apple equipment seems to be particularly sensitive to this. They also mentioned that server-grade hardware with ECC memory wasn't so vulnerable, because ECC simply caught and corrected single-bit errors as they happened. Non-ECC systems simply do not enjoy this level of protection.

In other words, if you visit untrusted Web sites on any operating system running on a computer without ECC memory, you may as well go full Hillary Clinton and forget about using a password. ;)

0
2
Silver badge
Coffee/keyboard

Edge is secure?

On each Patch Tuesday which has patches for MS's browsers, you'll find half the CVEs are shared between IE and Edge.

1
2
Gates Horns

Re: Edge is secure?

IE 3 4 5 6 7 8 9 10 11 "Edge" is the most secure Microsoft browser to date. Don't you read our press releases?

11
4
Silver badge
Happy

Re: Edge is secure?

As opposed to Chrome 1,2,3,4.... oh I can't be arsed, what is it now 9307?

9
1
Anonymous Coward

dedupe? wtf? why?

Why the hell is a desktop OS mucking about with de-duping memory pages? Memory is cheap now, so it's pointless

or is this only for virtual systems, even then that seems stupid for security.

Sometimes Software engineers need a cluebyfour applied sharply to the head.

8
2
Bronze badge

Re: dedupe? wtf? why?

Because it's A LOT faster and allows more uniformity.

Unless you want to go back to the coding days where you really had to worry about where things were put into memory to ensure there were no conflicts. Manual memory management was a pain in the arse when most programs were less than 512K. Now programs require gigs of memory, it would take forever just to get it out the door by a team of people dedicated to it. Even then, you'd gripe because you'll use a program only to find it conflicts with another, and crashes. ..and if you think memory leaks are bad now. HA!

Again I say, half the people who post are below average intelligence... but it's probably a lot higher when it comes to knowledge of computer theory.

3
5
Boffin

Re: dedupe? wtf? why?

Newer languages and software architectures are an utter catastrophe when it comes to memory use & management. For no added value except overly "architectured" code and runtimes for.. nearly zero gains (except trashing CPU caches by mis-aligning objects in memory and useless context switches). THAT'S why new software needs gigs of RAM.

You may be naïve thinking all this "progress" happens for the greater good. Mister commentard, it is an industry with some of the most important issues on Earth (millions of billions of $, strategic information dominance, industry/military intelligence, ..) and it certainly is a filthy one.

4
1

This...

appears to be a hardware issue?

2
0
Anonymous Coward

Re: This...

Hard & soft.

It's a hardware feature/flaw (depending on your point of view) optionally activated by the kernel (or hypervisor) and handled differently by different kernels - potentially with differing ramifications as a result... As far as I can tell so far.

A more comprehensive list of systems which enable it by default would have been nice. Not just the list of M$ systems which enable it (8.1 & X) but it does seem to be off by default on most Linux distros.

3
2
Bronze badge

Will Life imitate Art?

"Rowhammer involves rapidly writing and rewriting memory to force capacitor errors in DRAM that can then be exploited to gain control of the system." Imagine that a "capacitor error" is an actual fire, as one might find if the attack conduit is a Smart Meter, and the "memory" is simply the On/Off of a device in its network.

0
0

The Register - Independent news and views for the tech community. Part of Situation Publishing