“幽灵” CPU 漏洞在线检测工具
source link: http://xlab.tencent.com/special/spectre/spectre_check.html?
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Notes
The most dangerous threat of the recent Spectre Attack(CVE-2017-5753、CVE-2017-5715) for individual users is attacking from web browser to steal your personal accounts and information, such as your emails, dropbox, etc.
This tool can detect whether your browser is vulnerable to Spectre Attack and can be easily exploited.
If the result is VULNERABLE, it is definitely true. However, if the result is NOT VULNERABLE, it doesn't mean your browser is absolutely not vulnerable because there might be other unknown attacking methods.
This tool is still in developing, stay tuned...
2018-01-08
Tencent's Xuanwu Lab
Reference:
[1] https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
[2] https://meltdownattack.com/meltdown.pdf
[3] https://spectreattack.com/spectre.pdf
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK