Thursday, May 16, 2019

Zombie Load bug update solution

15/05/2019 - Zombie load bug : Intel : said to slow down processors especially with java

https://www.pcgamesn.com/intel/zombieload-mds-vulnerability-security-patch-hyperthreading-mitigation-performance

How do we avoid the performance loss? Believable solve

Essentially we have to make speculative load cache private to the operating system at a minimum, essentially we can still use masked data load above the system but we need to verify the task ID and PID and where possible tab/Window or process ID.

Essentially we need to trim the dataset to the process in a tree ML.

Processor : Privileged execution by kernel : By application list & Privilege level in regard to the recurved data.

Memory Containment is not just prefetch stack but also system, OS & Process.

Mitigation by security dam , Masking data & Antivirus software.

Essentially prefetch data is necessary  for assemblers & coders to optimise the code stack,

However security privilege levels for accessing the code within the entire windows stack is to be prioritised by privacy level.

Programs that optimise the execution priority need access ideally to data on execution timeline & data fetch,

However accessing the applications memory array in random address space needs to be tailored to the type of execution; Who it is by,

Privilege level & the process that created the interception relative to the executed process.

While this may prove measurable in protection; low level kernel executed viruses would still be able to access above..

Masking in the form of up & down privilege priority and task child/father/mother is a complex machine learning theatre of war,

A field of operation requiring kernel & userland advanced & sophisticated cyber security,
Contributing elements such as memory encryption & key data field scrambling/masking from spying; Snooping and virus do also enable payloads to go unfound..

In short solutions that enable privacy for process are also to be enabled for antivirus & security threat detection.

Complex systems of personal protection will also have to scan for code; JS & other applicable code that is out of place within the appliance frame work / stack .. Without compromising the security/privacy we personally seek.

Masking data is a processing task subject to objective fair use policy & usable system operation; Optimisation ability; memory clearing; field reduction or use & re use; Personal & impersonal information or data subsets,

Tasks & management.

(c)Rupert S

Fix-Spectra.bat Enables patches in windows

https://science.n-helix.com/2018/01/microprocessor-bug-meltdown.html

Update 14/05/2019 or later installed and all VM's need to be shutdown and restarted & updated according to Microsoft post.

More details:

https://www.datacenterknowledge.com/security/here-s-how-zombieload-affects-data-centers-and-what-do-about-it

https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling

Update 2: Buffer security strategy


To obtain buffers for one application only..
Extra buffers are deployed, These buffers can be cleaned or contain application specific data.
These are program specific and contain only data for one program.

Remember that clear buffer fetching can be done from a single place involving a single cached fetch cycle and memory location modification on write / Memory Reloc & are to be in level 2 or 3 cache.

Thusally we are able to maintain a clear buffer, After all clear buffers are not program specific so one will do and hence a single fetch by cache.

As stated buffer security plans include localised buffer fetch sets, Application specific & secure.

Strategy 2

Buffer arrangement is tiered in strategy 2

Tier 1 : Tier 2 : Tier 3 : Tier 4 : Tier 5

The same way we draw an ML diagram <:> Core cache : Secure tier 1 : Secure Tier 2

The arrangement can be by PID & father daughter sets & does not necessitate the clearing of the buffer unless this is requires, In the case of a clean buffer a clear standard buffer is already in Cache & is swapped in.

This strategy avoids buffer clearing cycles directly interfering with the program execution cycle,

For buffers are ether program specific in a key ring or already clear / State flushed.

(C)RS

No comments: