Difference between revisions of "Welcome to regify wiki"
Line 4: | Line 4: | ||
A note regarding '''Spectre''' and '''Meltdown''' attacks (January 2018).<br> | A note regarding '''Spectre''' and '''Meltdown''' attacks (January 2018).<br> | ||
<br> | <br> | ||
− | We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the '''regify infrastructure''', this is not possible by default. | + | We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the '''regify infrastructure''', this is not possible by default. We do not have other users running any processes on these systems. Due to this, the systems today are secure.<br> |
<br> | <br> | ||
Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.<br> | Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.<br> |
Revision as of 10:24, 31 January 2018
Welcome to the regify wiki pages.
A note regarding Spectre and Meltdown attacks (January 2018).
We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the regify provider appliance, the regigate appliance and other servers of the regify infrastructure, this is not possible by default. We do not have other users running any processes on these systems. Due to this, the systems today are secure.
Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.
From what we know today, your regify client software is not affected, as these are hardware related issues and the fixes have to be applied by the Operating System or Web-Browsers. Please keep your systems up to date.
Update 24 Jan
Looks like the most recent kernel patch from CentOS does not work as expected. We got random kernel panic freezes with the new patched kernel on our test appliance. One after 48 hours and the other one after 8 days. We will have to wait for a more stable fix.
The target audience for this wiki are administrators of regify providers and technical interested persons who want to get extra information on regify software and technology.
If you have any further technical questions about regify technology, please contact us at support (AT) regify.com.
product information
regify-providerThe current regify-provider changelog (history) Information about the regify Provider Appliance Find information about regify-provider hardware requirements |
regify clientThe current regify-client changelog (history) |
regipay |
regimail |
regibill |
Mobile clients |
regibox |
regigate |
troubleshooting
Client Software
regify account and Web-Portal
Other
technical articles
other information
list of all authentication levels
Answers to different security questions (professionals only)
Installation hints for provider-setup (Outdated! Only for Windows)