Intel Flaw Impact on VMS / NVRs Examined

Author: Brian Karas, Published on Jan 05, 2018

A flaw has been found in Intel processors that exposes protected memory to unauthorized access. The flaw requires fundamental changes to operating system memory handling to correct, which comes at the cost of performance impacts.

Several technology publications have been covering this flaw, and anticipated impacts, including:

Due to the nature and severity of this flaw, Intel is still in process of releasing details, though much has been discovered by researchers analyzing the patches.

In this note we examine what is known, what is still not disclosed by Intel, and the potential impact on VMS systems or other high-demand applications using these processors.

* **** *** **** ***** ** ***** ********** **** ******* protected ****** ** ************ ******. *** **** ******** *********** ******* to ********* ****** ****** ******** ** *******, ***** ***** ** the **** ** *********** *******.

******* ********** ************ **** **** ******** **** ****, *** *********** impacts, *********:

*** ** *** ****** *** ******** ** **** ****, ***** is ***** ** ******* ** ********* *******, ****** **** *** been ********** ** *********** ********* *** *******.

** **** **** ** ******* **** ** *****, **** ** still *** ********* ** *****, *** *** ********* ****** ** VMS ******* ** ***** ****-****** ************ ***** ***** **********.

[***************]

Virtual ****** ********** ****

* **** *** ********** ***** **** ** ********* ****** ******* memory ***** ** ********** ** ************ **** ********, ********* **** the ********* ****** *** ******** ** ******* *******. ******** ** software ******* ** ******* *** ******** **** ***** ******* ******* the *** *** ********* ******* ****** ******* ****** ***********. ** short, ****** ********* ******* *** * ******* ****** ********** ****** where ****** ** ******* ********* **** "******" ** ********* ****** space, *** "****" ** ******* *****. *** **** ****** **** segmentation *** ** ******** ****** ***********, *** ******* ******** **** accessing ****** **** ** *** ******, ***** ***** ******** ********* data ** *** ******* ** ********** **** ********** ** *** the ****** ******* *****.

All ***** ********** ****** ********

*** ******* ** ********* **** ** ***** ********* ** ****** impacted, ********** ** ********* ******. ***** *** *** ******** * list ** ******** **********, *** *** ******* ****** ********** ******* that ****** ** ** ******** **** **** **** ** *** Intel *** ********** ******* *** *** **** ****** ** ****, with *********** ** *********************** ** ***** ********** ** *** **** ** ****.

Moderate ****

***** **** **** **** *** ***** **** ** ** ******** or *******, ** ***** ** ********* ** ****** ****** ***************, which ***** ****** ** *********** **** **** ** **********. ***** of ******* ******** **** ******* **** ********* ** ***********, **** of ***** *** ** ******** ** * *** ******* ********* a ********* ****. *******, ***** *** *********** **** **** *** be **** ** ***** * ********* ******* ******** ****** * virtual ******* ** *********** ***** *** ** *** ** *** access **** ** ****** **** ***** ******** ** ********** *********.

*** **** ******** * ********* ******* ** ** ****** *** executed ** * ******* **** ** ******** *********, ******* **** it ***** **** **** **** ****** ************* ** ****** * risk. ******** **** *** ******** *******, *** *** ********* **** executing ******* **** *** ************* ****, ******* **** ** *********** is **** ********* ** ******** ** ********, ************ **** *** are **** *** ******* ** ********* *********** ** ******** (*.*.: hosted *********, ** ********* ******* ****** ** * ******* ** departments), *** **** ***** ****** ******** **** ** ******* ****** on ******* ***** **** **** **** *******.

Significant *********** ****** **** *******

*********** ******* ** ** **% *** ***** **** ** ******* systems, **** * ******* ********* ** ~**% *********** ****** *** many *****. ****** ****** ****** **** **** ********* * ***** for ***** ******* **** ************ *********** ******. ******* ****** ******* ** ********** ********* *** ******** ********* used. *******, ** ****** ** ***** **** **** ******* *** run ** *** **** **** ***% ** ********* ****, ** these *********** ******* *** *** ************* **** **** ******* ********* of ******* **** *******.

*** ******* ***** ****** *** ** ******* ********* ******* ********* impact ********** **** **** *********** ******* ** ********** */*, ** is ****** ** *** *******. ***** ******* ********** *** *** processors ********* ** ***** ******* *** ****** ****** ***** **** being ******** ** **** ********. *** *********** **** ** ** this ******* ** * *********** ******** ** ****** "********", ** the ******* ****** ********* *** *********** **** *** ** ****, as ******* **** ** **** ** *** ******* **** ** the ******* ****** ***** ** ** ****** ** ****** *** amount ** **** **** ***** ** ******* ** ******* ******* from ********* **** ****. *** ******** ** *** ******* ****** and ********* ******** ** * *********** ******.

Core ******* *** **** ****** ***

*********** *** ***** ** ******* **** ******* *** ********** ***********, **** **** *** **** **** ******* ** *** **** public ***, ********* ***** ******* ***** ******* ** ********* ****** developers ** ****** **** ** ****** *** ********** ******* ** advance ** **** **********. ** ** ******** **** ***** **** release **** ******* ** *** ****, *** ******* ***************, ******** in ******* ****. ******* ** **** *********** *** **** ***********, and ******** **********, ****** ********** *** ***** *** *** ** minimize *********** *******.

AMD ********** **** ********

***, ***** ******* ********** ******** ** ** ** *********** ** Intel ********,****** ** *** ** ******** ** *** **** ****** ** Intel. *** *** ******* ** ****** ***** **** *** ********, they ********** ***** *********** *******, ****** ***** ********** **** *** been ***** ******** ** *********** ***.

Video ************ *** ** *****

***** ** ****** ******** ** *** ******** ********* ******* ** the ****** *** *********** ********* *****, *** **** ***** ******** are ******* ******** ** ********* ******** *** ******** *** ************ applications.

* ****** ** ******* *** ************ ********* **** ********, *****, Genetec, *********, *** ****** *** ****** ********* *** ** ***** processors.

Impact ** *** *******

*********** ******** **** ******** *** ************* ********* **** *********** ******* are ******, **** *** ********* * **% ****** ** ********* performance, *** ************* **** *** *** ***** *********** *** ****** of ***** *******, ** ******** ****-*******. **** ****** **** **** in *** ******* ** ******** *** ******* ** **** ******* and ********* ******, **** ***** ** ******* ********** *********** ** the ****** *****. ** **** ****** **** ******* *********** ** we ******* ******** **** *************.

Embedded **** *** ****

******** **** **** ** *** ******* *** ******* ** **** external ********, **** *********'* ******* ** *********, ** ***** **** *****, *********, ****, ***. should *** ** ******** ** ****. ***** ***** ** *** have ********** *** ***** ** **** *** ******* ********* ********. Appliance-style *****, **** **********'* ** ***** *********, *********'* ** **********, *** ******* ***-****** ******* ***** ***** *** ****** ******* or ***** ********, **** * **** ****.

Benchmark *********** ****** ********

***** ****** ********* *********** ** ******* *** ************, ************ ***** peak *****, ****** ********** ********* ****** *******. **** **** **** determine *** ****** ** *********** ******* ***********, *** *** **** in *********** ********** ********** ** *********** ******** ***** ********** ******.

***************

*** ** *** ****** ** **** *************, ***** ****** **** to ******* ** ******* ** *********** ** ***** ** ********, as ****** ******* **** ****** **** ** ******* ********* ** the *******. *** ** *** ****** ** *** *******, *** how ****** ****** ******** ** ********, ******* ** ***** ******** may **** **** ** ** ******* ** ****** *** ****** functionality ** **********. ******** ******* ******** **** ** ********* ** the ** *** *********, *** **** **** ****** ** *********** of *** ****.

Comments (55)

*** **** ******** * ********* ******* ** ** ****** *** executed ** * ******* **** ** ******** *********

***** **** *******, ** ***** ******** ** *** ** ** help ******* ******* ****? **** ** *** ******* ** ******* are ***** ********** **** ** * ** *** **** **** the ***** ** **** ** *** **. *********** ******** ** a ***** ******* *** **. ***** ** ********* ***** *** some ****** **** * ********* *** ** ** **% ******** in *********** ** ******** ************.

** *** **** ******** **, ** ***** ******* ** ** even ***** ********? **** ** *** ******* ** ** ***** set ** * ** ****** ** *** **** ****.

***** **** *******, ** ***** ******** ** *** ** ** help ******* ******* ****?

** ********** *** *** ** ****** ** ***/******* **** **** on *** *******. **** **** ***** ******** ** ******** *********** things **** *** ******, ** **** ******** *** ******* ** that ***** ** **** *** ******* ** * ****** ** install ********* ********.

** *** **** ******** **, ** ***** ******* ** ** even ***** ********?

** * ***-******** ***, ***** *** ***** ********** ****** ** keep ******* ********* **** **** *** **** ** *** *****, I ***** ******** *** "***'* ******". *** ** ****** ******, where ****** ****** ** ***** ** ****** *** ********, ** seems *********** *****.

* **** ********** ***** ** ** ***** ******* *** * while ***** *** **** ****** ** *** *********** *******, *** updates **** *** ************* *** *****. **** ****** **** ******** risk *** ****** ********* ** ******** *********** ****. *** *** find **** ******* *********** **** *** ******** *****, *** **** things ******* *** ****** *** ** ********* **** *% **** could ** **** ****** ********.

* **** ********** ***** ** ** ***** ******* *** * while ***** *** **** ****** ** *** *********** *******, *** updates **** *** ************* *** *****.

* ***** *** ***** ** **** ********* *****, * **** wait ** *** * **** ** *** *** *** **** news ***** *** ** *** ****. * ***'* **** *** idea ** ******* **** ******** **** *****.

**** ** ** ***. **** ** *** ** ***** **** servers ***** ** * **** **** ********** **** *** ***** few ******* *** ***** ** ** ******** ** ******* ******* Microsoft ** ********* **** ******* * ****-*** ** * ****** wound. * ***** ** * *** **** ******** ****** ******** which **** ** *** **** *** **** ** **** ****...

* ***** *** ***** ** **** ********* *****... * ***'* like *** **** ** ******* **** ******** **** *****.

********* ** ***. * ***’* **** *** **** ** *** jumping **** ******** **** *****’*.

**** *** ** *** *******? *** *** ***** **** ****** detection ** ** ****** ********* ********* ** *** ******?

*** *****...

*** **? ** *** ***** *** ***** ** *********, ** something ****?

**, *** ********, ****** ************ ** ********** ******* ** ****** the *** ****.

**** **** ******* *** *** ******* **********....

**** ** ****, * ******* **** */* ***** ** *******(************) 808 ******

**** ***** *********? ****** **** *** ** *** ****** ** usual? ** *** *******? **** ******** ******** ** *** *** bad *** **** *** ***** **** ******, *** ***** ***** American ** ***** ****** ************ ** ***** ** * ****, never ***** ******** **** ****, ** ***.... *** ***** **** even **** ***** *************? *********** **** ** *** ....**** *** not ********** **** ********* *** *** ********** **** ***** ******* question?.....Maybe **'* *** *** ******** ********* ** *** *** ********?....***** Intel **** * *******? ********* *** **** ******* ** **** these **** ***** **** **** "**** *********** *********" *** **** intentionally ** ***** ****, ********?

***** ** ****** ***** ******? ** **** ****** **** ***....

** **** **** *** ***.... **** ******!

** ** *********** **** *** ***** ** ******* ************ ******* in ********* *****, *** ****** ********** *** ***** *********** ******* a **** ****** **** ** *** ******* ** *** *************** handle ******* ****** ***********, *** * ****-**** ******** **** * manufacturer ************ **** ***** ********.

**** ***** *** ******* ** ******** **** * **** **** attitude *** * ****** ******* ** ****** ******* *********.

*** *** ****** * **** '*********** ****' ** ******* *** not ***** **********, ** ********* *** ** ** *** * comparison ** *** ********** ** ********* ******* ******** ********* *** Intel, *** ****** **.

*** *********** **** *** ******* ************* *"**** ****** **** ** the ******* ** *** *************** ****** ******* ****** ***********" ** a ***** *********** *** ***** * ******* **********, **** ****** holds ** *****.

* ***** ****** **** *** **** *********** **** ** ***** of **** ******** *** ***** ******* ** *** **** *** actually, ******, *********** ******* *** *****? **** ******* **** **** has **-**,*** *******, ***** * ***** ******** ** *** * real ***** ******* ****.

***** * ******* **********

***

**** ******* ********** ***** **** **** * *' ******.

*** *** ****** * **** '*********** ****' ** ******* *** not ***** **********, ** ********* *** ** ** *** * comparison ** *** ********** ** ********* ******* ******** ********* *** Intel, *** ****** **.

**** ***** ***** ****: "**** ***** *********? ****** **** *** be *** ****** ** *****?" **** ***** ****** ** ********* poor ******* ** *******, ** * **** ** ************* ** the ***** ******** ***** ******** ** ******* ** ***************. ***** you *** * **** ******* ********* *********, * *********** **** opening ***** ** ******* *******, *** *******. *******, * ***** that *** *** ***** **************, ***** ** **** ******** *****.

*** *********** **** *** ******* ************* *"**** ****** **** ** the ******* ** *** *************** ****** ******* ****** ***********" ** a ***** *********** *** ***** * ******* **********, **** ****** holds ** *****.

* ** *** ***** ** ** * ***** ***********. * do ******* *** ****** ** **** ** **** *** *********** at ***** ** *** ****** *** *** **** ********** **** a **** ** * *********, ***** ** * ********* ******** systems *** ***** ******, ** ************* ********* **** * ******* flaw ** *** ******** ********* *** ******* ** * "******** goods" ************. ********* ****** ** **** *********** *** ***** ***** processors, ** ****, **** ******, *** ** **** *** ** be ***** ** **** ****. ********* ***, *** ******, ** held *********** *** ***** *** ******, ***** ******* * ****** exploitable **** ** ***** ******** **** *** ** ********* **** cut-and-paste **********.

* ***** ****** **** *** **** *********** **** ** ***** of **** ******** *** ***** ******* ** *** **** *** actually, ******, *********** ******* *** *****?

** ****. *** ********* ***** ******* **** **** *****, **** number ** * ****** ****** **** ** *** *********, ** one ** ** *********** ***** ** ******* **** *** ** share ********* *** **** ****** ********** *** ********. ***** * have ********* **** **** ******* ** **** ******, * ******* have **** **** ** **.

** ** ********** * **** **** “**********” ******** **** **** Top ********* ******? ** **, ****’* **********!

***?

********* *** *** *** ******... *** **** ** ******** *****. And “**** ****” ****** ** *** ** *** **** ****.

***** ******* ** ** *** ******** **. **** ****’* **** anyone ****, ** *** ** * ****.

***** *** ******* ****, *** ****? **'* *** ********* * hack **** ******* ** ******.

*** *************, ****** ****** **** ********* ******:** *** ******* ******** ** **'*

*** ** **** *** *** * ******* ****. *** ** that ******* *** ********* ** *** ****** *** ** *** being ********* ** *** **********. ** **** ******** *******'* ********* guide *** **** *********, **** ***** *** **** **** ******.

*** ******* **** *** *** **** ******* ********* *** *********?

******* ******** *** ********* ** ********** ******** ***. ****** ************, a ******** **** ** *******. ***** ** ** *******, ****.

*** ** **** ******* ** *****.

*** *** ** *** ****, ************* ******** ***** ********** ******* **********. ***** ********** ** *** **** ******* **** ******* ***********, which **** *********** ** ** ******* **********'* ********* *****.

** **** ****, ***** *** ******* ******** ****** *** *** hacked, *** ********* ** *** **-***** *** ******* ******** **** made ** **********.

**** -

** *** ******** ******* *** *** ****** ******** ***/** ********* look ****** **** ******** **** **** ** ****** ******* ** vulnerabilities?

*****-

***** *** * ******* *********? * ***** **** *** ****** a ***** ******* *** ***. *** *** ** ******** ********** in ****** ** **** ** ***** ** ****** ********* **** you ***** ** *** ** *******.

** *** **** ** ********, ***** *** ****** **** * Genetec **** *** ***** ***** *** *** "***** **********" ******** out ***** **** *** ******* **** ******* ********* *** *********?

*** **** ** *** ******** *** ********, ** *** ***** you *** ****** ******** **** **** ** ****** **** *** offer **** *** ******** ********* **** **** **** ****** **** criticism ** *** ******* ******* (***** *** ****** **** **** not ******** ** ***) *** ** *** ***** **** *** are ******* * **** ***** ** * **** ** **** Hikvision *** ***** *********.

*'* **** * **** *** **** ** ******** *** ****** faces ** **** **** *** *** **** *** ********* *** smiley ***** **** ****** *** ***. **** *** *** ******* to ********** *** *** *** **** *** *** ** ***** this *** ****** **** ********, ** **** *** **** ******** so *********** ******* **** ********** **** ** ****** **** ** of ****** **** *** ***** ** ******* ***.

***** *** * ******* *********?... *** ***** ** *** ** nowhere.

****, *** *** *** ***** ** **** ****.

*** **** ** *** **** / *** *********, *** ****** and ******* ********* *** *** **** ** ****.**** **** **** *** ********: "* ***** **** ***** ** **** *** **** **** if *** *** ****, *** **** *** ****** ******* **** Hikvision, *** ********* *** **** **** *** *****." ** **** classic, "* **** ****** *** ********* ********* **** ******. **** *** So *** ***** ** ******** ****." *** ************ ******** ** **** ******** *** ***** ********* so *** **** **** *** ****** ******* ** ****** **'* because *** *** ********* *********.

*** ****'* ****, ** ** **** **** **** ***** ****** we ******* ****** *** ********* **********.

*** ** *** *** ***** ** *** ** ******** *** because *** ********* ***'* *********** ******* ********* (***** ********* *** for ***** ** ****) ***********,******* ***** ********* ** ***** ****,******* ******** *****, ***.

*** ** ***** **** *** ******:

** ** ********* ** *** * *** ** ********** *********, when *** ****** ******* ** *** *** ************* **.

*** ******* ***:

***** *** * *** ***** *** ******** **** **** ******* i ****** ** ********** ************'* **** **** ******* *********.

** ** ********* ** *** * *** ** ********** *********, when *** ****** ******* ** *** *** ************* **.

* ** ** **** **** *** *** ********* **** * have **** ****** *** *****. **** ** *** * ***** off **** ** **** ******** *** ** ***** * ********** of ****. * ********** **** ********* ** ********* ** * scandelous ****** ** **** ** **** ******** ****. *** * am ****** ** **** *** ****** ** ******* ***** **** doing **, ** *****, ****** ** ** ******* *** ***** where ** ******* **** ************* ******.

** *** ****, * **** ** ***** **** **** *** point ** *** ******* *** * **** *******. ******* ** you ********** **** *** ** *** ******** ** ********* ** Hikvision (***** ********) ** ***** *** ** * *** *** remote ******, * ********* ********* *******: **** *** ************* ****** suggest *** ***** **'* ** ***** ********* *****.

*** ************ ******* *** ******* ***** ***** ** ** * looked ****, *** **** ********* ********* ***** *********.

****,

******* ***** ** ** *****:

***** **** *** ***** *** ** **** *** ***, *** then *** **** *** ******* ** ****** *** ***** **** your *******'* ***.

****'* *** **********: *** **** *********. ** ***'* **** *** video ************ ********, **** **** '******' ******* ** *********, **** depends ** ** ************.

*** ** *** **** ********** **** **** "********* ** ********* in * ********** ******", * **** ** ** ******* **** today's **** **** ** ******** **** ********** -********* ** ****** ****** ********.

*** *** ***** **** *** *********** ********* ********** **** *** sell.

** **** **** ********* ** ******....** **** **.....

******* *** *** ********** ** **** ***. *** **** *** you ********* ********* *** ****** ******* *****?

* **** ***** ** ** ****...

** **** **** ********* ** ******

****, *** **** ** *** ********, ****'* ** ************** ** a ****!

**** ** **** ****** **** *** **** *** ****. *** claimed **** ** ***** ********* ** * ********** ******. * retorted, ********** **** *****, **** **** ***** ** ********* * factual **-***** ****** -********* ** ****** ****** ********. ***** *** ****** ******** ****, *** ****** ** * lie *** **** ******. ****'* **** ** * ** **** most *** *** ******* **.

****, *** *** ***** *** "****** ** *** ******" **** your ********* ********

*** ****

* *********. * **** ****** ********* ********. *** **** ********* scandal. * **** ******* *** ** **** *** ****. *** win!!

****, *** **** **** *** **** ******** ** *******-******** ** your '*******' *****, ********* *** ******** ******* ********* ***** ** do, **** *****'********** ** ****** ****** ************ *********'* **** *** *** *** ********** ** **** ***** or **** ** ********* ** **** *** ***** ** *** situation.

****, * **** ***** ***** ** **** ************ *** *** far *** **** *** ** (*** * **** **** **** and ********* **** **** **) ** ** **** *** ***** all **** ********** ****** ********, ********** *****, ******** ** ******** on ********* *** *** **** *** ******** *** ***** ************ by *** *****. *'** ******** ** ** ***** ****** ****** the ***** **** **** *********.

****, ******* ******* ******** ******. *** ***** **'* ** **** and ***** *** ** **** *** **** *** ******* ****. You *****, ***** ** ****** * ***** ***** *****'* ********* test, ****** ***** *** ******** ******* ** * ******** ** that.

*** ** ********* ***** ********** *** ******* (*.*.,*,*,*) *** *** ***** ****** ** ****. ***?******* ** *** ******* ** **** ****:

* **** **** ** ***** **** ** * *** ****** the ***** *****. * *** ***** ****** ** *** **** horse ** ******* **** **** **** ******.

**** ****! *** ** ** *** ********* ***** *** ****** a ***** ****** ***** **.

*** *** *** **** ** *** *** ********* ***** *** then ********* *** **** ** ****** *** **** ** ***** biased ******* *********. ***** ****, ** **** ********* ****** **** poor ******** ** ********.

***** **** *** ***** *** ** **** *** ***, *** then *** **** *** ******* ** ****** *** ***** **** your *******'* ***.

*****, ****’* ****!

*****, ****’* ****!

*****.******* *:*.

** ******* ***********, * ****** *** **** ******* ***** **** Alexander ****:

"*** ***** ******** **** *** ******** ***, ** *** ***** yellow ** *** ********* ***."

**** ******* *** **** ******** ** *** **** ******* ******** film"*** *****"- ******** ** ***** ***** *** ********* *** **** ********* Oblio, ****** ** **** **********, ***** *** *** **** ** the ***** ***** ** *** ******** **** *****, ***** *****.

** *** **** ***** **** **** ****, * ****** ********* it - *** **** **** **** **** ** ***.

#*, * **** *** **** ** *********** *** * *****. The ** **********, ***** *** ** **** **** ** ******, misses * ******** *****, ** ** *******.

**** ** ***** **** *** ********* *********** ******* **** *** now *** **** *** ***** ******** ******* - ******** ** terrible ** *** ** ******* ** *** ******* *** **** throw **** ***** ** *** ** ***** *** ********* ******.

** **** **** ****: "*** ******* ********** ** *** *** so ** *** ** **********!" "********* ** *** *** ** is *****!"

*** ** ** ***** ** **** ** *** **** *************** Hikvision ******* *** ***** * ****** ** **** ** ******* and **** *********'* ******** ** ** ********* *** ***** **** anything ****.

** ***** ** ****** ***** #* *** ****** ** * preview ** **** ******.

"*****" *** **** ***** ******** ***** ** ** *******.

***** ******* ***** **** ** **?:

****://***.******.***/***********/*******/*********/*****.****

**** ****** ** *** ***

*** **** ** ***** **** ******** ****** ******** ****.

******** ** *** ************* **** ****** ********* ** **** ********* memory **** * *** ********** ******* ********* ****** ******. **** can ***** ********* ********** *** ******* ** *** ******. *************, the ******* *** **** ****** ******** "***" **, ******* ***** is ** ********* *** ** ****** *** *** ****** ******** CPUs ****. *** ****** *** **** ** ** ******** *** of ***** *********** ********** ** *** ***. *** ******* ******* this ** ******** *** ********* ****** ******* ******* ** **** space ** ** ***** *** ****** *** ********* *******. *** side ****** ** **** ** *** *********** ***.

***, ***** *** **** ******* ******* ****** **********. ******* ******, maybe *** ** **** ******* **** **** *** ** ** the ********* ***********. ** *** *** ***** * ******* ***** provider *** **** ** *** ** *** *** ***** ***!

**** ************* ** ********** *** *** *****-****** ************. **** ****** ask *** *** ***'* **** ** ***** ******, **** ** why! **** *** *** ****** *** **** ********** *******. ** hasn't **** **** *** ** ******, *** **** ** ********* no ********* **'* ****** *** * ***** *** *** ** that.

******* **** ******* *** ******* ******* *** ****** ** ***** processes. ****** ********** *** *********** ********* ********** *** **** ******* attacks. ** ** ****** ***** ** ****** ******** ** ******* data ******* ****. **** *** *** ******* *** ******* *** read ***** ****. ******** **** ****** ***'* ****'* *****, **** and ****** **** *** **** ******** ******* **** ** * CPU ***** *** * ******** *****.

*** ******* **** ****** ** ******* ** ********* *** ** user ***** ******* ****** ******* ***** ****** ************* (****) ***** opens ** * *** ** ***** ****** **** ********* *************** that ********** *** **** *********** ******* ** ****. *** ***** thing ** ******* **** *** ********** ** *** ******* ** the ******* ** *** ***** *** ****** ***. **** *** make ***** ****** ************** *********** ** *** ******* **** *** stolen. ****** ***** ** ****** *** *** ** ********, ***'* just ***** *** ***.

*** ***** *** **** **** ** **** *** **** ********* for ****** * ****, ** *** ******* * ****** ***** has ********* **** *** *** *************. *** ***** **** **** open * ****** ** ***** ***** **** ****** ******** ***** to ** **** ** **** *** **** ** ***** ******** like ***** ***** *****.

*** **** ** ***** **** ******** ****** ******** ****.

**** *** **** ** *******. ***** *** * *** ** IT-centric ************ **** *** ******** **** ** ***** *** ******* deep **** ********* *******. ** ****** ** ******* ********* **** gave **** ******* ****** ******* ********* ** *** *****, *** an ************* ** *** ** ******** ***** ***** *** ******* as ** ******* ** ********/************ ********* ************ (***** ** *** covered ******** ****, ********* ***** ******** ************).

**** ******* ***** ** **** *********** ***** **** ** *** details/differences ** *** *** **** ******.

*** ****** *** **** * ****** ********* **** ******* ******* too **** ** *** *****, **** **** **** ******** ****** pretty ****:*** ********* ** ***'* ********** ** ******* ** *********.

******! * **** **** ****'* **** *** ******, **** *** not ** ******. * **** ****** ** **** **** ****** knew ***** *** *** **** ******** ****** **** *** **** both **** ********* ****** ******* *** ************ **********.

******! * **** **** ****'* **** *** ******, **** *** not ** ******.

*** *** ***** **** ***. * ********** *** ****** *** time ** *** **** ********** ******* ********.

**** ***** **** ** **** *** *** *** **** ** the **** *** *** **** * *** ***** ** *** link ********* ** **** **********. ** ***** * **** ** which ********** **************? * ** ******* *** **** ** ****** *** ** are ********, ** ******** ** ** *****.

***** ** ** *********** ** ***** *** ************* *** ******** scores ******* ** ***** ** *** ****** *****.

'*** ********** *** ***** ** *** *** **** ************. ******* processors, ***** **** ***** ********** ** ****, *** ***** **** architecture *** ***********. *************, ***** ***** ********* ** **********, ****** many ****** ** ********** ****** ** **** *** *** ******* available. ******* *** ************* ** ********* ** ********* ******, ***** is *** ****** *********** **** ***** **********, *** ***** ********** motherboards *** **********, ***** *** ****** **** ****** ******, *** I ***** *** **** ** ***** ** ****.

** ** **** "***** ******", *** *** **** ****** ***** to ** ***** **** ********.

* ***** *** *********** *** ** ***** *********. ***** **** video **** *** ***** ******** **** (******)

*****://*************.******.***/****/**/**/******-***-*****/

* ***** ** ** *** ***** ** *** *** ****, and **** ********* ** **** ***** ** */* *** ********, and *********** ** **** ** *** ************ ** *** **** being ********.

**** ** * **** ****** ******* ******** * ***** *** on ***********, ******* * ***** ***** ** *** ***** ******** (** details ***** ** ********* ** **, ***** ** ** ** app **** ******* * *** ** **** **** ***):

** ** ****** ** *****'* ****** ****** *** ********* *** issue **. ** *** *** ******* * ****** ** ******* a *-*% ****** ** *** ********** ******* *** ****** ***** stable *** *** ****** ******** ******** ***** * ***. *** issue **** * *** ******* **** *** ******** ********.

***** **** ****** *** **** ** **** ********:

*****://********-******.*****.***/********.****?*******=*****-**-*****&**********=**-**

*** ********* *****-***** ********* *** ******** ** **** *****. ***** may ****** **** **** ** * ***** ****. ****** ***** with **** ****** ****** ** ********* ************ *** **** *********** regarding ******* *** **** ******.

  • *****® ****™ ** ********* (**** *** ****)
  • *****® ****™ ** ********* (**** *** ****)
  • *****® ****™ ** ********* (**** *** ****)
  • *****® ****™ * ********* ****** (**** *** ****)
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *** ********** *****® ****™ **********
  • *****® ****™ *-****** ********* ****** *** *****® *** *********
  • *****® ****™ *-****** ********* ****** *** *****® **** *********
  • *****® ****® ********* **** ******
  • *****® ****® ********* **** ******
  • *****® ****® ********* **** ******
  • *****® ****® ********* **** ******
  • *****® ****® ********* **** ******
  • *****® ****® ********* **** ******
  • *****® ****® ********* ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ** ** ******
  • *****® ****® ********* ******** ******
  • *****® **** ***™ ********* ****, ****, **** ******
  • *****® ****™ ********* * ******
  • *****® ****™ ********* * ******
  • *****® ****™ ********* * ******
  • *****® ****™ ********* ** ******
  • *****® ****™ ********* * ******
  • *****® *******® ********* * ******
  • *****® *******® ********* * ******
  • *****® *******® ********* * ******
  • *****® *******® ********* * ******

****** **** ** **** ******* ***

**-**** (**** **** - **** ****** *.***)

*** ***...

**-**** (****** **** (**** *********, **** *-**** ** *-****) **** with *.***.

*'* ****** *** ***** *** ****** **** **** ***. :-*

***, **** *** ********. **** *** *** *** *** ********** Core **********.

* **** * **** ***** ******** ***** ******* ** *** systems **. ********* ****** ********: **** ** ******* * *** server **** *** ***-********** ** *** ************ *** ********** ** that *** ** ******** *** **** ***** *** ******* ****** performance. ********** ** ********** **** ***** ****** *********** **** **** removed ** ********, *** *** ******* ****** *** **** ****** rigorously ***** *** ******** ** *********. ********* ** ******** *** often ******** ** *********.

** ******** ** *** ********** ** ****** *********** ********* ********* patching *** ***** ********** ***** ****** ** ** ********* ******** instructions **** ************* ********* ***** ******* ** *****, ** ****** we **** ***** *** ** ****** **** ** ***** *** available *******?

********* ** ** ****** ********* ** **** * ***** ****** of *** ****** ***** ** ********, *** **** ******** *** not ****** ***** ******** ********** *** *** **** ** ***** later.

** ******** ** *** ********** ** ****** *********** ********* ********* patching *** ***** ********** ***** ****** ** ** ********* ******** instructions **** ************* ********* ***** ******* ** *****, ** ****** we **** ***** *** ** ****** **** ** ***** *** available *******?

** **** ****, *** ****** ****** **** ** **** *** manufacturer *** *********. ******* *** *********** ******* ***** ******* ****** I/O ********** (***** ** * *** **** ** **** * VMS ****, **** **** **** *** *** ** *** ***), and ******* **** *** ******* **** ** ******** ********* **** (how **** ** ******, *******, ***.) ** ** **** ****** that **** *** ** **** ******** **** ******.

*********** *** **********:***** ****** ******* ********* ** **** ***** ****** *.*. **********:

******* *** ***** *** ** ********* ** ***** ********* **** out ** *** *****, *********** ***** **** ***** ** ** great ******** ** *** ************-********* ******....

** ** * “**** *********” ******* *** ***** ** *** conversations ******* ***** *** *** ******* **** ********, ******* *********** there ********* ******* *** **** **************

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on VMS

'Best In Show' Fails on Apr 19, 2018
ISC West's "Best In Show" has failed. For more than a decade, it has become increasingly irrelevant as the selections exhibit a cartoon level...
Worst Access Control 2018 on Apr 18, 2018
Three access control providers stood out as providing the most problems for integrators. In this report, we analyze the answers to: "In the...
Axis VMD4 Analytics Tested on Apr 17, 2018
Axis is now on its 4th generation of video motion detection (VMD), which Axis calls "a free video analytics application." In this generation, Axis...
Best and Worst ISC West 2018 on Apr 16, 2018
ISC West 2018 had strong attendance, modest overall new products, and a surge in Artificial Intelligence marketing. First, here are 20+...
Eocortex / Macroscop VMS Company Profile on Apr 09, 2018
Eocortex is the international brand of Russian VMS manufacturer Macroscop. Macroscop was founded in 2008, and the Eocortex name created in 2013. We...
Hanwha Mega ISC West Product Releases on Apr 05, 2018
While overall new product releases have been slowing over the past few years, Hanwha is releasing a slew of 6 new offerings for ISC West,...
VMS New Developments Spring 2018 (Avigilon, Exacqvision, Genetec, Hikvision, Milestone, Network Optix) on Apr 04, 2018
What's new with VMS software? In this report, we examine new features and releases for Spring 2018 to track different areas of potential...
Hikvision LPR Camera Tested on Mar 26, 2018
Hikvision has expanded into the LPR market, claiming up to 99% capture rates, 95% recognition rates at speeds up to 75mph  / 120kmh. We bought and...
Network Racks For Surveillance Guide on Mar 21, 2018
In this guide, we look at network rack infrastructure, one of the fundamentals of IP video surveillance. Inside, we cover: What is a rack unit...
Network Addressing for Video Surveillance Guide on Mar 14, 2018
The goal of this guide is to explain addressing devices on IP networks, focusing on how IP cameras and recorders are used in those networks. For...

Most Recent Industry Reports

Chinese Manufacturer Kickstarter Campaign Huge Success (EverCam) on Apr 23, 2018
In a week, a Chinese manufacturer's expertly done Kickstarter campaign has received $1.4 million in pledges, an incredible amount for a video...
Favorite Biometrics 2018 on Apr 23, 2018
Biometrics are on the rise, or at least integrator opposition to them is declining, according to new IPVM integrator statistics.   Almost half of...
Dahua and Hikvision Win Over $1 Billion In Government-Backed Projects In Xinjiang on Apr 23, 2018
Dahua and Hikvision have won well over $1 billion worth of government-backed surveillance projects in China’s restive Xinjiang province since 2016,...
May 2018 Camera Course on Apr 20, 2018
Save $50 on early registration until this Thursday, the 26th. Register now (save $50) for the Spring 2018 Camera Course This is the only...
Global Real-Time Video Surveillance - EarthNow on Apr 20, 2018
A new company, EarthNow, with backing from Bill Gates, Airbus and more, is claiming that: Users will be able to see places on Earth with a delay...
Dedicated Vs Converged Access Control Networks (Statistics) on Apr 20, 2018
Running one's access control system on a converged network, with one's computers and phones, can save money. On the other hand, hand, doing so can...
April 2018 IP Networking Course on Apr 19, 2018
This is the last chance to register for our IP Networking course. Register now. NEW - 2 sessions per class, 'day' and 'night' to give you double...
Rare Video Surveillance Fundraising - Verkada $15 Million on Apr 19, 2018
Fundraising in video surveillance (and the broader physical security market) has been poor recently. Highlights are few and far in between...
'Best In Show' Fails on Apr 19, 2018
ISC West's "Best In Show" has failed. For more than a decade, it has become increasingly irrelevant as the selections exhibit a cartoon level...
Security Camera Cleaning Frequency Statistics on Apr 18, 2018
150+ integrators told IPVM how often they clean cameras on customer's sites and why.  Inside we examine their answers and break down feedback...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact