Reply to post: "So far, no miscreants have been caught exploiting the vulnerabilities in the wild"

Revealed: El Reg blew lid off Meltdown CPU bug before Intel told US govt – and how bitter tech rivals teamed up

Roo
Windows

"So far, no miscreants have been caught exploiting the vulnerabilities in the wild"

... "We suspect this is part due to the wide rollout of mitigations, and part due to there being better bugs for hackers to abuse."

I suspect it's because there is no reliable tool for detecting cache side-channel attacks, so the attacks are flying below the radar. The techniques I've seen so far require calibration to avoid false positives, and it looks to me as though attackers could defeat those methods by reducing or disguising their activity to below the magic threshold that the detector is set to...

It'll be interesting to see how the first detection in th wild happens and how many false positives they had to discount. :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon