Worst vulnerability since Heartbleed. JavaScript side channel, 80% of all PCs in the world vulnerable

An anonymous reader writes:
Bruce Upbin at Forbes reports on a new and insidious way for a malicious website to spy on a computer. Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of all PCs in the world) is vulnerable to this attack. The exploit, which the researchers are calling “the spy in the sandbox,” is a form of side-channel attack. Side channel attacks were previously used to break into cars, steal encryption keys and ride the subway for free, but this is the first time they’re targeted at innocent web users. The attack requires little in the way of cost or time on the part of the attacker; there’s nothing to install and no need to break into hardened systems. All a hacker has to do is lure a victim to an untrusted web page with content controlled by the attacker.


So apparently some hacker can send you a URL to a JavaScript site and it can get into the cache of your CPU. Of course it works on Intel microprocessors, but apparently everyone uses that, right?

While the potency of side-channel attacks is established without question, their application to practical systems is relatively limited. The main limiting factor to the practicality of side-channel attacks is the problematic attack model they assume: with the exception of network-based timing attacks, most side-channel attacks require that the attacker be in close proximity to the victim. Cache attacks, in particular, typically assume that the attacker is capable of executing arbitrary binary code on the victim’s machine. While this assumption holds for Infrastructure/Platform-as-a-Service (IaaS/PaaS) environments such as Amazon’s cloud computing platform, it is less relevant for other settings. In this report we challenge this limiting security assumption by presenting a successful cache attack which assumes a far more relaxed and practical attacker model. In our attacker model, the victim merely has to access a website owned by the attacker.

This attack makes the Intel CPU vulnerability we discussed in previous threads look like nothing. Apparently any hacker on the Internet can hack anyone with a browser and Intel CPU. JavaScript is so ubiquitous that even this website runs it.

Well, anyone concerned about the many problems with JavaScript should be using the “NoScript” add-on so that they decide when to allow a site to execute JavaScript in their browser.

I am going to have to read more about this, as the quotes suggest they are only capable of reading the cache, i.e., spying.

https://eprint.iacr.org/2014/161
What are your thoughts on that?

Fortunately, I don’t think Bitcoin is vulnerable, but I’m not 100% certain. There needs to be a study of this attack vector to determine how much risk there is.

From the look of it, it seems they can only observe, and not in a very high resolution. But the fact that they can observe anything at all is dangerous.