0
1

[–] J_Darnley 0 points 1 points (+1|-0) ago 

As far as I know there are no bios setting to guard against either of them. Turning off the virtualisation features would have just meant running VMs was slow and had no hardware pass-through options. It didn't disable speculative execution of branches. Disabling javascript in your browser was a good way to prevent a drive-by exploit just from visiting a website though. Not to mention it is good practice in general.

On servers, particularly virtual servers, it would have been a bigger deal because you might have different users running different thing all of which could read just about everything.

It almost sounds like you misunderstand what the exploits are. I don't. I just know that one of them featured observing side effects from speculative execution. I don't think either was particularly about VMs though.

0
0

[–] 12053639 [S] 0 points 0 points (+0|-0) ago  (edited ago)

LOL I was trying to answer my own question a little better and ran across this gem of a thread:

https://forums.virtualbox.org/viewtopic.php?t=86399

The hoops poor windows users need to jump through.

Anyway the way this relates to my question is that in the Windows world, at least, some of the "features" they have were blocking VT-X from being used by higher level virtualization tools.

What I am getting at, in essense, is the only vectors I can really see as being widely used would be if someone like Lenovo integrated some simple exploits into their drivers. Any drivers that needed to go through WHQL would either not have exploits or would make Microsoft Complicit in this massive crime that was perpetrated on us.

I know it could be as simple as a javascript in some cases, but it boggles the mind how that could be used with any reliability to actually gain a foothold? Sending data back, but what systems are self-congruent enough that you'd be able to use the exploit to do anything? You'd have to have a MASSIVE black budget even to create trivial tools using it.

So who was actually using Spectre?

If I were using it, hypothetically, I would want it on all the cloud devices I could infect with it; through drivers like netcode or something.

But to reliably use it on a virtual server, doesn't seem nearly as practical as those other vectors.

But I honestly don't know. The world is changing too fast, I can't keep up!

0
0

[–] 12053074 [S] 0 points 0 points (+0|-0) ago 

It almost sounds like you misunderstand what the exploits are.

I think the people who really understand how the exploits were actually used are still prohibited from discussing them.