Chirurgia endoscopică a hipofizei
"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală. Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale. www.neurohope.ro |
Intel CPU - Design flaw in fiecare procesor din ultimii 10 ani
Last Updated: Mar 12 2021 19:26, Started by
ct03nut
, Jan 03 2018 09:08
·
0
#1531
Posted 15 May 2019 - 15:47
Arthos, on 15 mai 2019 - 10:21, said:
Se pare ca Intel a incercat o amanare a dezvaluire a vulnerabilitatilor cu inca 6 luni : Original olandeza : https://www.nrc.nl/n...l-hart-a3960208 Google Translate : https://translate.go...l-hart-a3960208 |
#1532
Posted 18 May 2019 - 18:30
The Performance Impact Of MDS / Zombieload Plus The Overall Cost Now Of Spectre/Meltdown/L1TF/MDS
Quote
If looking at the geometric mean for the tests run today, the Intel systems all saw about 16% lower performance out-of-the-box now with these default mitigations and obviously even lower if disabling Hyper Threading for maximum security. The two AMD systems tested saw a 3% performance hit with the default mitigations. While there are minor differences between the systems to consider, the mitigation impact is enough to draw the Core i7 8700K much closer to the Ryzen 7 2700X and the Core i9 7980XE to the Threadripper 2990WX. More Linux mitigation benchmarks are coming up on Phoronix in the days ahead Gaming Performance Only Faintly Touched By MDS / Zombie Load Mitigations Quote So maybe a ~1% hit for some Linux games (if that in some configurations) as a result of the new default MDS mitigations and stopping short of disabling Hyper Threading, but even there most Linux games at least don't use more than a few cores/threads. But as said, will have some low-end Linux gaming hardware tests out in the days ahead. More of the CPU/system benchmarks that are much more interesting in the context of these mitigations will be out shortly where it seems to be commonly 4~5% but more significant in the context switching heavy workloads. |
#1533
Posted 18 May 2019 - 18:51
Impactul e minimal pentru gen 8 și gen 9 fiindcă astea au fix în hardware. Gen 7 și mai jos sunt cu probleme.
|
#1534
Posted 18 May 2019 - 19:12
Au fix hardware doar pentru Meltdown varianta 3 - Rogue Data Cache Load si 5 - L1 Terminal Fault si din pacate dupa cum noteaza Vrije Universiteit Amsterdam :
Quote Ironically, the recent hardware countermeasures introduced by Intel in recent Coffee Lake Refresh i9 CPUs to prevent Meltdown make them more vulnerable to Fallout, compared to older generation hardware. |
#1535
Posted 19 May 2019 - 08:38
Nu m-ar mira ca soluțiile Intel să aducă alt set de vulnerabilități. Ne-am obișnuit ca Intel să o dea în bară cu toate. Au probleme cu 10 nm, au probleme cu livrarea procesoarelor, au probleme cu vulnerabilitățile, au probleme cu update-urile de microcod. E bine că nu se mai concentrează pe procesoare de smartphone-uri și modem-uri 5G, ca să facă treaba bună pe partea de PC-uri.
|
#1536
Posted 21 May 2019 - 23:36
Mr_nobody_, on 19 mai 2019 - 08:38, said:
Ne-am obișnuit ca Intel să o dea în bară cu toate. [,,,] E bine că nu se mai concentrează pe procesoare de smartphone-uri și modem-uri 5G, ca să facă treaba bună pe partea de PC-uri. https://www.techpowe...con-supply-race Iti si traduc, daca vrei. |
#1537
Posted 22 May 2019 - 04:53
Vezi ca gresit topicul si contul o fi de la lipsa de somn
|
#1538
Posted 31 May 2019 - 21:33
Fallout: Reading Kernel Writes From User Space
Quote
(Submitted on 29 May 2019) Recently, out-of-order execution, an important performance optimization in modern high-end processors, has been revealed to pose a significant security threat, allowing information leaks across security domains. In particular, the Meltdown attack leaks information from the operating system kernel to user space, completely eroding the security of the system. To address this and similar attacks, without incurring the performance costs of software countermeasures, Intel includes hardware-based defenses in its recent Coffee Lake R processors. In this work, we show that the recent hardware defenses are not sufficient. Specifically, we present Fallout, a new transient execution attack that leaks information from a previously unexplored microarchitectural component called the store buffer. We show how unprivileged user processes can exploit Fallout to reconstruct privileged information recently written by the kernel. We further show how Fallout can be used to bypass kernel address space randomization. Finally, we identify and explore microcode assists as a hitherto ignored cause of transient execution. Fallout affects all processor generations we have tested. However, we notice a worrying regression, where the newer Coffee Lake R processors are more vulnerable to Fallout than older generations. Attached Files |
#1539
Posted 16 June 2019 - 08:58
#1540
Posted 17 June 2019 - 11:49
DIVX2006, on 16 iunie 2019 - 08:58, said:
Ps : astept cu nerabdare r9 3950x ! On. Haideti ma cu primul atac confirmat, caci cu penalizarile m-ati convins. La cat le-ati umflat, 9900k trebuia sa se bata acum cu r3 1200, dar tot sef in tot a ramas. Sau sa fie de la faptul ca ryzenul nu e nici pe departe atat de fortzos cat l-ati vrea? Edited by Homo_Forumus, 17 June 2019 - 11:50. |
|
#1541
Posted 06 August 2019 - 22:17
CVE-2019-1125: Spectre SWAPGS gadget vulnerability
Quote This additional attack vector builds on existing software fixes shipped in previous kernel updates. An unprivileged local attacker can use these flaws to bypass conventional memory security restrictions to gain read access to privileged memory that would otherwise be inaccessible. This vulnerability only applies to x86-64 systems using either Intel or AMD processors. |
#1542
Posted 07 August 2019 - 17:46
Quote Bitdefender researchers, meanwhile, said they tested two AMD chips and found no evidence either was affected. Quote AMD is aware of new research claiming new speculative execution attacks that may allow access to privileged kernel data. Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products are designed not to speculate on the new GS value following a speculative SWAPGS. For the attack that is not a SWAPGS variant, the mitigation is to implement our existing recommendations for Spectre variant 1. |
#1543
Posted 11 September 2019 - 00:08
Systems and Network Security Group at VU Amsterdam Network Cache ATtack (NetCAT)
[ https://www.youtube-nocookie.com/embed/QXut1XBymAk?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] Quote We initiated a coordinated disclosure process with Intel and NCSC (the Dutch national CERT) on June 23, 2019. The vulnerability was acknowledged by Intel with a bounty and CVE-2019-11184 was assigned to track this issue. The public disclosure was on September 10, 2019. Quote
Is DDIO enabled by default? Yes, DDIO is enabled transparently by default in all Intel server-grade processors since 2012 (Intel Xeon E5, E7 and SP families). Does writing side channel-resistant (constant-time) software help? No, with NetCat, we are remotely side channeling the activity of the hardware (i.e., a network device). As long as the network card creates distinct patterns in the cache, NetCAT will be effective regardless of the software running on the remote server. Nonetheless, Intel’s recommendation to deploy side channel-resistant software may be helpful against future NetCAT-like attacks that target victim software on DDIO-enabled machines. I use a public cloud provider. Am I at risk? If DDIO is available/enabled on your platform, you are affected by the vulnerability. If RDMA is also enabled, the vulnerability immediately exposes your server to practical side-channel attacks over the network, as demonstrated by our NetCAT exploit. I am a public cloud provider. How can I protect my customers? Disable DDIO to eradicate the vulnerability (or at least RDMA to reduce its impact). How can I disable DDIO? You can disable DDIO by adjusting the Integrated I/O (IIO) configuration registers. There are two possibilities, changing it globally (Disable_All_Allocating_Flows bit) or per root PCIe port (NoSnoopOpWrEn and Use_Allocating_Flow_Wr bit). We successfully mitigated NetCAT by setting these bits on our Intel Xeon E5 cluster. For the Intel Xeon SP families, the offsets of these bits are not (yet) publicly documented. TL;DR : Practic procesoarele Intel permit perifericelor PCIE sa isi imbunatatieasca latentele/performanta prin permiterea accesului la memoria cache din procesor, evident la gramada fara bariere prin Data-Direct I/O (DDIO) versus Direct Memory Access (DMA). Attached FilesEdited by Arthos, 11 September 2019 - 00:13. |
#1544
Posted 11 September 2019 - 07:07
Din ce in ce mai trist sa fii posesor de procesor Intel.
Ce s-a mai intamplat cu rularea de microcod de catre windows ca update de bios se pare ca e prea greu pt unii? |
#1545
Posted 08 November 2019 - 16:23
Reverse Engineering x86 Processor Microcode
Quote Our analysis primarily covers AMD K8 and K10 processors because—to the best of our knowledge—they are the only commercially available, modern x86 microarchitectures lacking strong cryptographic protection of microcode patches Quote AMD released new versions of its K8 and K10 processors from 2003 to 2008 and 2008 to 2013, respectively. Note that the actual production dates may vary and in 2013 only two low-end CPU models with K10 architecture were released. K9 is the K8’s dual-core successor, hence the difference is marginal from our point of view. Family 11hand 12h are adapted K10 microarchitectures for mobile platforms and APUs. Quote We demonstrated that malware can be implemented in microcode. Furthermore, malicious microcode update scan be applied to unmodified K8 and K10-based AMD CPUs. This poses a certain security risk. However, in a realistic attack scenario, an adversary must overcome other security measures. A remote attacker has to bypass application and operating system isolation in order to apply a microcode update. Quote Responsible Disclosure We contacted AMD in a responsible disclosure process more than 90 days prior to publication and provided de-tailed information about our findings Reverse Engineering x86 Processor Microcode.pdf 2.4MB 2 downloads |
|
#1546
Posted 12 November 2019 - 22:18
Zombieload V2 : https://zombieloadattack.com/
Quote
Update: New Variant of ZombieLoad enables attacks on MDS-resistant CPUs With November 14th, 2019, we present a new variant of ZombieLoad that enables the attack on CPUs that include hardware mitigations against MDS in silicon. With Variant 2 (TAA), data can still be leaked on microarchitectures like Cascade Lake where other MDS attacks like RIDL or Fallout are not possible. Furthermore, we show that the software-based mitigations in combinations with microcode updates presented as countermeasures against MDS attacks are not sufficient. We disclosed Variant 2 to Intel on April 23th, 2019, and communicated that the attacks work on Cascade Lake CPUs on May 10th, 2019. On May 12th, 2019, the variant has been put under embargo and, thus, has not been published with the previous version of our ZombieLoad attack on May 14th, 2019. Deep Dive: Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort / CVE-2019-11135 / INTEL-SA-00270 2019.2 IPU – TSX Asynchronous Abort Advisory Lista cu procesoarele afectate : SA00270-microcode-update-guidance.pdf 305.54K 12 downloads Edited by Arthos, 12 November 2019 - 22:26. |
#1547
Posted 13 November 2019 - 00:50
Mda, se pare ca era una din 77 de vulnerabilitati : IPAS: November 2019 Intel Platform Update (IPU):>
https://mdsattacks.com/#ridl-ng [ https://www.youtube-nocookie.com/embed/zaTxBZXE9pQ?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] Edited by Arthos, 13 November 2019 - 00:59. |
#1548
Posted 11 December 2019 - 12:14
Intel : Intel® Processors Voltage Settings Modification Advisory
ArsTechnica : Intel’s SGX coughs up crypto keys when scientists tweak CPU voltage Plundervolt : How a little bit of undervolting can cause a lot of problems [ https://www.youtube-nocookie.com/embed/1bvK532x3ys?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] [ https://www.youtube-nocookie.com/embed/In3B9L5Jyo4?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] [ https://www.youtube-nocookie.com/embed/yo9B2ZRVW9Q?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] Quote Intel has worked with system vendors to develop a microcode update that mitigates the issue by locking voltage to the default settings. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users