Hacking Meltdown Vulnerability

[trasixes]

I'm sure everyone has seen the news of the Meltdown vulnerability in virtually all modern processors from AMD, Intel, ARM, etc.

My first thought - could this be used to hack the Xbox One (among other consoles)?

Anyone have any insight as to why it would, or would not, be useful?

Edit: This is what I get for posting in a hurry. It's Spectre, not meltdown, that is thought to affect AMD/Intel/ARM processors.

 

[brunocar]

meltdown is an intel only exploit, anyone that tells you otherwise is either a shill or mistakingly believed intel's fake news to make AMD look bad since this benefits them.

 

[Trash_McPhail]

Read about this today, as noted above Intel only, apparently.

 

[guicrith]

Its also completely useless since it only lets you read memory not write or execute which is needed for any kind of console hack.

 

[brunocar]

Its also completely useless since it only lets you read memory not write or execute which is needed for any kind of console hack.

this too, not even on the only intel based console, the OG xbox, would have any use

 

[DinohScene]

this too, not even on the only intel based console, the OG xbox, would have any use

The original Xbox was made 17 years ago.
With production being 18 years old.
The Pentium 3 CPU is 19 years old.

Modern CPU's suffer from the bug, not old ones.

Scratch that.

 

[brunocar]

The original Xbox was made 17 years ago.
With production being 18 years old.
The Pentium 3 CPU is 19 years old.

Modern CPU's suffer from the bug, not old ones.

nope, also fake news propagated by intel to save ass, every processor since the pentium 2 is affected

 

[DinohScene]

nope, also fake news propagated by intel to save ass, every processor since the pentium 2 is affected

Got any source on it?

 

[zoogie]

Its also completely useless since it only lets you read memory not write or execute which is needed for any kind of console hack.

This couldn't be any less true. In the 3ds's case, knowing a certain console-unique key can open up the sd card to attacks (saves, dsiware, etc).

 

[matpower]

Got any source on it?

Any Intel processor with out-of-order execution is affected, so recent CPU-wise, only Itanium and Atom pre-2013 is safe. It dates back to 1995. See here for source.

 

[DinohScene]

Any Intel processor with out-of-order execution is affected, so recent CPU-wise, only Itanium and Atom pre-2013 is safe. It dates back to 1995. See here for source.

Fair enough, I retract me previous statement.

 

[the_randomizer]

This is..intriguing. hmm.

 

[smf]

So what the hell are we supposed to do? Freak out in mass panic and hope our computers don't get hacked to hell?

Install the OS update & laugh at the people who are outraged at Intel. They just need to call the Waaambulance.

FWIW AMD appear to be affected by spectre and both Intel and ARM were working with AMD as all CPUs are affected. Then AMD took cheap shots at Intel, which is to be expected from AMD really. Hopefully researchers will now target AMD for a while, even though they are largely irrelevant.

 

[the_randomizer]

Install the OS update & laugh at the people who are outraged at Intel. They just need to call the Waaambulance.

I use Intel, not an AMD user, and I've installed the patch, but ugh. The only thing that blows is performance may take a hit somewhat, IDK. Luckily I can easily uninstall the patch if it sucks.

 

[DinohScene]

People are taking this thing way to seriously.

Remember Heartbleed?
Same fucking story all over again.

 

[brunocar]

Got any source on it?

https://meltdownattack.com/
"Which systems are affected by Meltdown?
Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown."

 

[guicrith]

This couldn't be any less true. In the 3ds's case, knowing a certain console-unique key can open up the sd card to attacks (saves, dsiware, etc).

You have to already have user mode code execution though and if you did you would not need to gain user mode code execution, which is all editing a decrypted save would get you if your lucky enough to have a bug in save parsing, as for dsiware, its signed like iOS apps, you may edit it but its not going to run since its signed with nintendos keys not just your consoles.

 

[zoogie]

You have to already have user mode code execution though and if you did you would not need to gain user mode code execution, which is all editing a decrypted save would get you if your lucky enough to have a bug in save parsing, as for dsiware, its signed like iOS apps, you may edit it but its not going to run since its signed with nintendos keys not just your consoles.

DSiWare execution == system pwned. Check plailect's guide regarding dsiware injection, b9sTool, etc. and the dsiware transfer method.

As far as dsiware exports being signed, well ...
https://www.3dbrew.org/wiki/3DS_System_Flaws (DSiWare_Exports CTCert verification)
They're self-signed which means they're not signed. Decrypt=pwned.

 

[guicrith]

DSiWare execution == system pwned. Check plailect's guide regarding dsiware injection, b9sTool, etc. and the dsiware transfer method.

As far as dsiware exports being signed, well ...
https://www.3dbrew.org/wiki/3DS_System_Flaws (DSiWare_Exports CTCert verification)
They're self-signed which means they're not signed. Decrypt=pwned.

Ok your right, I did not know that I thought nintendo signed them, does nintendo sign the 3ds binarys or does this apply to them as well?

 

[zoogie]

Ok your right, I did not know that I thought nintendo signed them, does nintendo sign the 3ds binarys or does this apply to them as well?

3ds games are properly signed afaik. 3ds saves can be modified* if you have the movable.sed keyy and same with dsiware exports.
The actual srl binaries contained inside the dsiware exports (better known as .nds files) are signed and checked, but for some reason Nintendo doesn't check which signed binaries are present, so you can inject older, exploitable games in the export .bins.

*you can't sign saves since that would require the private key to be present on the system -since saves are modified on the system

Anyway, this is getting really off-topic so I'll just shut up