Difference between revisions of "Welcome to regify wiki"
Line 4: | Line 4: | ||
A note regarding '''Spectre''' and '''Meltdown''' attacks (January 2018).<br> | A note regarding '''Spectre''' and '''Meltdown''' attacks (January 2018).<br> | ||
<br> | <br> | ||
− | We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems are | + | We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the '''regify provider appliance''', the '''regigate appliance''' and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems today are secure.<br> |
<br> | <br> | ||
Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.<br> | Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.<br> |
Revision as of 10:18, 31 January 2018
Welcome to the regify wiki pages.
A note regarding Spectre and Meltdown attacks (January 2018).
We investigated the impact of the currently discussed security flaws CVE-2017-5753 (Spectre 1, Bounds Check Bypass), CVE-2017-5715 (Spectre 2, Branch Target Injection) and CVE-2017-5754 (Meltdown, Rogue Data Cache Load). In order to attack a system using these flaws, a rogue executable has to be copied to the affected server system and then executed. For the regify provider appliance, the regigate appliance and other servers of the regify infrastructure, this is not possible by default. The only way to do this would be a serious data breach on the platform. And if this happened, the attacker does not need to utilize one of these flaws to get data or create serious damage. Due to this, the systems today are secure.
Of course, the next patch updates of your regify appliances will contain the respecting kernel patches anyway.
From what we know today, your regify client software is not affected, as these are hardware related issues and the fixes have to be applied by the Operating System or Web-Browsers. Please keep your systems up to date.
Update 24 Jan
Looks like the most recent kernel patch from CentOS does not work as expected. We got random kernel panic freezes with the new patched kernel on our test appliance. One after 48 hours and the other one after 8 days. We will have to wait for a more stable fix.
The target audience for this wiki are administrators of regify providers and technical interested persons who want to get extra information on regify software and technology.
If you have any further technical questions about regify technology, please contact us at support (AT) regify.com.
product information
regify-providerThe current regify-provider changelog (history) Information about the regify Provider Appliance Find information about regify-provider hardware requirements |
regify clientThe current regify-client changelog (history) |
regipay |
regimail |
regibill |
Mobile clients |
regibox |
regigate |
troubleshooting
Client Software
regify account and Web-Portal
Other
technical articles
other information
list of all authentication levels
Answers to different security questions (professionals only)
Installation hints for provider-setup (Outdated! Only for Windows)