Difference between revisions of "Welcome to regify wiki"

From regify WIKI
Jump to navigation Jump to search
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 
<p style="font-size: 40px;  text-align: center;  background:#EEEEEE;  padding: 20px;  color:#505050;  text-shadow: -1px -1px 0px #202020, 1px 1px 0px #fff;  border-bottom: 2px solid #AAAAAA">[[File:Logo.png|RTENOTITLE]] &nbsp;Welcome to the regify wiki pages.</p>
 
<p style="font-size: 40px;  text-align: center;  background:#EEEEEE;  padding: 20px;  color:#505050;  text-shadow: -1px -1px 0px #202020, 1px 1px 0px #fff;  border-bottom: 2px solid #AAAAAA">[[File:Logo.png|RTENOTITLE]] &nbsp;Welcome to the regify wiki pages.</p>
<p style="color: white; background-color: #aa3333; border: 2px solid #330000; padding: 10px;">
+
<p style="color: white; background-color: #885555; border: 2px solid #330000; padding: 10px; font-size: 90%;">
Regarding '''Spectre''' and '''Meltdown''' attacks.<br>
+
A note regarding '''Spectre''' and '''Meltdown''' attacks (January 2018).<br>
 
<br>
 
<br>
 
We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems are neither more or less secure than before.<br>
 
We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems are neither more or less secure than before.<br>

Revision as of 12:44, 11 January 2018

RTENOTITLE  Welcome to the regify wiki pages.

A note regarding Spectre and Meltdown attacks (January 2018).

We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the regify provider appliance, the regigate appliance and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems are neither more or less secure than before.

Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.

From what we know today, your regify client software is not affected, as these are hardware related issues and the fixes have to be applied by the Operating System or Web-Browsers. Please keep your systems up to date.

The target audience for this wiki are administrators of regify providers and technical interested persons who want to get extra information on regify software and technology.

If you have any further technical questions about regify technology, please contact us at support (AT) regify.com.

product information

regify-provider

The current regify-provider changelog (history)

Information about the regify Provider Appliance

Find information about regify-provider hardware requirements

Update Guide

Updating provider from V4.0.x to V4.1

Updating provider from V4.1.x to V4.2

regify client

The current regify-client changelog (history)

Outlook AddIn information (summary)

regipay

regipay Desktop

regipay Desktop changelog

regipay FAQ

regimail

regimail Desktop changelog

regimail FAQ

regibill

regibill Desktop

regibill Desktop changelog

regibill FAQ

Mobile clients

Summary about BlackBerry client

regibox

regibox changelog

regibox FAQ

regigate

The regigate changelog

Information about the regigate appliance

regigate hardware requirements and performance

troubleshooting

Client Software

General connectivity issues

regify client (Desktop)

regify client (Android)

regify client (iOS, iPhone, iPad)

Outlook AddIn

regibox manager (Desktop)

regibox manager (Mobile)

regipay, regibill and regimail Desktop

Thunderbird AddIn

Lotus Notes AddIn

regify account and Web-Portal

regify account issues

User portal (web interface)

Other

regify provider appliance

AntiVirus false positives

regify error codes

I want to report an error

technical articles

Customizing the provider

Translating regify software

Information about subprovider possibilities

Information about power and capacity

Setting up a new sub-provider

Get an MSI setup package

Information about the regify-provider database

Technical hints for the regify provider appliance

Technical hints for the regigate appliance

Technical hints for updating the regify provider appliance

Automatic proxy setting for regify client

Automatic proxy setting for regibox manager

other information

list of all authentication levels

Answers to different security questions (professionals only)

Installation hints for provider-setup (Outdated! Only for Windows)