In order to fulfill the basic functions of our service, the user hereby agrees to allow Xiaomi to collect, process and use personal information which shall include but not be limited to written threads, pictures, comments, replies in the Mi Community, and relevant data types listed in Xiaomi's Private Policy. By selecting "Agree", you agree to Xiaomi's Private Policy and Content Policy .


[News] NetSpectre : New Remote Spectre Attack Steals Data Over the Network!

2018-07-30 03:56:34
735 11

Hey, Mi Fans!

The Meltdown and Spectre attacks revealed earlier in 2018 kicked the year off with a concerning bang due to the wide range of hardware affected. Since they were disclosed, Microsoft, AMD, Intel, and other companies have managed to limit the potential for widespread attacks with a series of hardware and software mitigations. Still, new variants on the attack continue to be discovered, and the latest widen the potential pool of devices impacted.

  • A Team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system.

  • This new attack codenamed NetSpectre is a major evolution for Spectre attacks and is related to Spectre variant 1.

  • It affects nearly billion devices around the world.

What is NetSpectre?
NetSpectre is a generic remote Spectre variant 1 attack which leaks sensitive data, such as encryption keys or passwords, using the NetSpectre attack in a cloud environment. Spectre variant 1 induces speculative execution in the victim by mistraining a conditional branch, e.g. bounds check. This new remote side-channel attack abuses speculative execution to perform bounds-check bypass and can be used to defeat address-space layout randomization on the remote system.

How Does it Work?
The building blocks of a NetSpectre attack are two NetSpectre gadgets- a leak gadget and a transmit gadget. The leak gadget accesses a bit stream at an attacker-controlled index, and changes some microarchitectural state depending on the state of the accessed bit. The transmit gadget performs an arbitrary operation where the runtime depends on the microarchitectural state modified by the leak gadget. The attacker constantly performs operations to mistrain the processor, which will make it constantly run into exploitably erroneous speculative execution.

NetSpectre has low exfiltration speeds:-
Although the attack is innovative, NetSpectre also has its downsides (or positive side, depending on what part of the academics/users barricade you are). The biggest is the attack's extremely slow exfiltration speed, which is 15 bits/hour for attacks carried out via a network connection and targeting data stored in the CPU's cache. Academics achieved higher exfiltration speeds of up to 60 bits/hour with a variation of NetSpectre that targeted data processed via a CPU's AVX2 module, specific to Intel CPUs. Nonetheless, both NetSpectre variations are too slow to be considered valuable for an attacker.

Existing mitigations should prevent NetSpectre:-
This new NetSpectre attack is related to the Spectre v1 vulnerability (CVE-2017-5753) that Google researchers and academics have revealed at the start of the year. As such, all CPUs previously affected by Spectre v1 are believed to also be affected by NetSpectre, existing mitigations, released after the original Spectre attack was first described earlier this year, should protect devices that have been patched.

So, if you have already updated your code and applications to mitigate previous Spectre exploits, you should not worry about the NetSpectre attack.


The details of the NewSpectre attack comes almost two weeks after Intel paid out a $100,000 bug bounty to a team of researchers for finding and reporting new processor vulnerabilities that were also related to Spectre variant one. In May this year, security researchers from Microsoft and Google also reported a Spectre Variant 4 impacting modern CPUs in millions of computers, including those marketed by Apple. Last week, researchers from the University of California, Riverside (UCR) have published details about another attack named SpectreRSB that carries out its data exfiltration by abusing the CPU's Return Stack Buffer (RSB).

Source: 1 2 3

Related Articles:-

What do you think?
Comment below your opinion!
2018-07-30 03:56:34
Favorites6 RateRate

Master Bunny

meetgour | from Redmi Note 5 Pro


Well Explained!!
2018-07-30 04:59:54

Rookie Bunny

5171046582 | from app


Veryyyyyyyyyyyy  good
2018-07-30 06:20:28


Sam_crazy | from Redmi Note 4


whew..each and every day new cyber attacks come into place..this makes us realize how important cyber security and its awareness is.
2018-07-30 06:25:25

Master Bunny

8131016561 | from MI MAX


Nice information.
2018-07-30 07:02:05

Master Bunny

Simmi Kansal | from Redmi Note 5 Pro


thanks nice information
2018-07-30 07:19:26

Grandmaster Bunny

Solver13 | from Redmi Note 4


Thanks For Sharing:-)
2018-07-30 07:56:14

Grandmaster Bunny

prashanthsahu | from Redmi Note 4


thank you so much Bro. this is the Frist time I have seen and heard.good knowledge to us Bro
2018-07-30 09:44:01

Grandmaster Bunny

Subhash_Deshmukh | from Redmi Note 4


Well Explained :-) Thank You brother
2018-07-30 11:17:02

Master Bunny

Papu Bag | from Redmi Note 4


thanks for the information
2018-07-30 11:39:46

Semi Pro Bunny

Hars09diet | from Redmi 5A


Informative  lines.. Very good
2018-07-30 12:52:54
please sign in to reply.
Sign In Sign Up

Mohammad Enayat

Master Bunny

  • Followers


  • Threads


  • Replies


  • Points


3 Days Check-In
7 Days Check-In
21 Days Check-In
40 Days Check-In
Nov-100 replies in a month
Dec-100 replies in a month
100 ответов в декабре
Android O Tester
Christmas 2017
MIUI Instagram
Mi Community Updater
Color Your Planet
Color Our Planet Game
The Motivator
Golden Mi Bunny
Go Bunny Medal
MIUI Subscriber
Mi A2
MIUI 8th Anniversary
Go Bunny Master
Eid Mubarak
5 Million Registered Users
Throwback With Mi 2018

Read moreGet new
Copyright©2010-2020, All Rights Reserved
Content Policy
Quick Reply To Top Return to the list