Google has demonstrated exploitation of Spectre vulnerabilities via JavaScript execution in the browser

Google has published several prototypes demonstrating that Spectre-class vulnerabilities can be exploited while executing JavaScript code in the browser, bypassing the protection methods added earlier. The exploits can be used to gain access to the memory of the process that handles web content in the current tab. To test the exploit in practice, the website leaky.page has been launched, and the code describing the logic of the attack has been published on GitHub.

The proposed prototype is designed to attack systems with Intel Core i7-6500U processors running Linux and Chrome 88. Using the exploit in other environments requires modifications. The exploitation method is not specific to Intel processors: after appropriate adaptation, the exploit was confirmed to work on systems with CPUs from other manufacturers, including the ARM-based Apple M1. After minor modifications, the exploit also works on other operating systems and in other browsers based on the Chromium engine.

In an environment based on stock Chrome 88 and Intel Skylake processors, it was possible to leak data from the process that renders web content in the current Chrome tab (the renderer process) at a rate of 1 kilobyte per second. Other prototypes were also developed, for example an exploit that, at the cost of reduced stability, raises the leak rate to 8 kB/s when using a performance.now() timer with an accuracy of 5 microseconds (0.005 milliseconds). Another variant was prepared that works with a timer accuracy of one millisecond and could be used to read the memory of another process at a rate of about 60 bytes per second.

The published demo code consists of three parts. The first part calibrates the timer so as to estimate the execution time of the operations needed to recover data left in the processor cache as a result of speculative execution of CPU instructions. The second part determines the memory layout used when allocating a JavaScript array.

The third part directly exploits the Spectre vulnerability to determine the contents of memory in the current process. It creates conditions for speculative execution of certain operations whose result is discarded by the processor once it detects the mispredicted branch, but traces of that execution remain in the shared cache and can be recovered with side-channel methods that infer cache contents by analysing the difference in access time between cached and non-cached data.

The proposed exploitation technique makes it possible to do without the high-precision timers available through the performance.now() API and without support for the SharedArrayBuffer type, which allows arrays to be created in shared memory. The exploit consists of a Spectre gadget, which triggers controlled speculative execution of code, and a side-channel leak analyser, which identifies the data that was pulled into the cache during speculation.

The gadget is implemented using a JavaScript array in which an attempt is made to access an area outside the buffer bounds; this affects the state of the branch prediction unit because of the buffer-size check inserted by the compiler (the processor, looking ahead, speculatively performs the access but rolls back the state after the check). To analyse the contents of the cache under conditions of insufficient timer accuracy, a method was proposed that tricks the Tree-PLRU cache eviction strategy used in processors and, by increasing the number of cycles, significantly amplifies the difference in time between returning a value from the cache and the case where the value is not in the cache.

It is noted that Google published the exploit prototype in order to demonstrate the feasibility of attacks using Spectre-class vulnerabilities and to encourage web developers to use techniques that minimise the risk from such attacks. At the same time, Google believes that without significant reworking of the proposed prototype it is impossible to create universal exploits ready not only for demonstration but also for widespread use.

To reduce the risk, site owners are encouraged to use the recently introduced Cross-Origin Opener Policy (COOP), Cross-Origin Embedder Policy (COEP), Cross-Origin Resource Policy (CORP) and Fetch Metadata Request headers, as well as X-Frame-Options, X-Content-Type-Options and the SameSite cookie attribute. These mechanisms do not protect directly against the attack, but they allow site data to be isolated from leaking into processes in which attacking JavaScript code can run (the leak occurs from the memory of the current process, which, in addition to the attacker's code, may also be handling data from another site opened in the same tab). The main idea is to run the site's own code in separate processes from third-party code obtained from untrusted sources, for example content included via an iframe.
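As an added example that is not part of the original article or of Google's leaky.page code, the following Node.js-style server logic shows the defensive side of the recommendations above: it emits the cross-origin isolation headers listed in the article and applies a Fetch Metadata resource-isolation check so that cross-site subresource and framed loads of a site's resources are rejected before they can be pulled into a renderer process that also runs an attacker's script. The header names and values are real web-platform headers; the function names and the sample requests are constructed for this example, and the policy is tightened beyond the usual pattern to also reject cross-site framed navigations.

```javascript
// Added example (not the article's or Google's code): isolation headers plus a
// Fetch Metadata resource-isolation policy. Function names and sample requests
// are constructed for illustration.

// Headers that keep a site's documents and subresources out of renderer
// processes shared with cross-origin content.
function isolationHeaders() {
  return {
    "Cross-Origin-Opener-Policy": "same-origin",      // own browsing-context group, no window.opener link
    "Cross-Origin-Embedder-Policy": "require-corp",   // only embed resources that opt in via CORP or CORS
    "Cross-Origin-Resource-Policy": "same-origin",    // our responses may not be embedded cross-origin
    "X-Frame-Options": "DENY",                        // legacy anti-framing header
    "X-Content-Type-Options": "nosniff",              // no MIME sniffing of our responses
    "Vary": "Sec-Fetch-Site, Sec-Fetch-Mode, Sec-Fetch-Dest", // decisions below depend on these
  };
}

// Fetch Metadata resource-isolation policy.
// `req` is a constructed object: { method, headers } with lowercase header names.
// Returns true when the request may be served, false when it must be rejected.
function allowedByFetchMetadata(req) {
  const h = req.headers;
  const site = h["sec-fetch-site"];
  const mode = h["sec-fetch-mode"];
  const dest = h["sec-fetch-dest"];

  // Clients that send no Fetch Metadata fall through to the other defences.
  if (site === undefined) return true;

  // Same-origin, same-site and user-initiated (address bar, bookmark) requests are fine.
  if (site === "same-origin" || site === "same-site" || site === "none") return true;

  // Cross-site top-level navigations via GET are allowed so links to the site
  // keep working; framed or plugin-embedded navigations are not.
  const embeddingDest = ["iframe", "frame", "object", "embed"];
  if (mode === "navigate" && req.method === "GET" && !embeddingDest.includes(dest)) {
    return true;
  }

  // Everything else cross-site (images, scripts, fetches, cross-site POSTs) is rejected.
  return false;
}

// Apply the policy and describe the response (constructed shape, not a real framework).
function handleRequest(req) {
  const headers = isolationHeaders();
  if (!allowedByFetchMetadata(req)) {
    return { status: 403, headers, body: "cross-site request rejected" };
  }
  return { status: 200, headers, body: "ok" };
}

// Constructed sample requests, as a modern browser would label them.
const sameOriginFetch = { method: "GET", headers: { "sec-fetch-site": "same-origin", "sec-fetch-mode": "cors", "sec-fetch-dest": "empty" } };
const crossSiteImage  = { method: "GET", headers: { "sec-fetch-site": "cross-site", "sec-fetch-mode": "no-cors", "sec-fetch-dest": "image" } };
const crossSiteFrame  = { method: "GET", headers: { "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-dest": "iframe" } };
const crossSiteNav    = { method: "GET", headers: { "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-dest": "document" } };
const legacyClient    = { method: "GET", headers: {} };

for (const [name, req] of Object.entries({ sameOriginFetch, crossSiteImage, crossSiteFrame, crossSiteNav, legacyClient })) {
  console.log(name, "->", handleRequest(req).status);
}
```

The `Vary` entry matters in practice: if a shared cache stores a 200 response to a same-origin request and later serves it to a cross-site request, the policy is silently bypassed, so the Fetch Metadata headers must be part of the cache key.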



Source: opennet.ru
