- Milyen okostelefont vegyek?
- Az iPhone hajthatatlanságán gúnyolódik a Samsung
- Poco F7 Pro - jó, de az amatőr sem rossz
- Google Pixel topik
- Xiaomi 15 - kicsi telefon nagy energiával
- Samsung Galaxy Z Fold7 - ezt vártuk, de…
- Megjött a jubileumi Pixel széria
- iPhone topik
- Végre bemutatkozott a Pixel 8 és a Pixel 8 Pro
- Samsung Galaxy Watch6 Classic - tekerd!
Új hozzászólás Aktív témák
-
S_x96x_S
addikt
péntek esti - AMD security issue ; remélem lesz rá javítás
( Érdekesség: részben az Intel szponzorálta[1] a kutatást )TLDR: "Our attacks demonstrate that AMD’s design is vulnerable to side-
channel attacks. However, we propose countermeasures in software
and hardware, allowing to secure existing implementations and
future designs of way predictors."
[1] "Additional funding was provided by generous gifts from Intel."
Azért rendes az Inteltől, hogy költ az AMD chipek biztonságosságára![;]](//cdn.rios.hu/dl/s/v1.gif)
----------
AMD | Security and privacy → Side-channel analysis and counter-
measures; Operating systems security.
https://t.co/gQ4cN9PYsX?amp=1 ( PDF)
"Take A Way: Exploring the Security Implications of AMD’s
Cache Way Predictors""To optimize the energy consumption and performance of their
CPUs, AMD introduced a way predictor for the L1-data (L1D) cache
to predict in which cache way a certain address is located. Conse-
quently, only this way is accessed, significantly reducing the power
consumption of the processor.
In this paper, we are the first to exploit the cache way predic-
tor. We reverse-engineered AMD’s L1D cache way predictor in
microarchitectures from 2011 to 2019, resulting in two new attack
techniques. With Collide+Probe, an attacker can monitor a vic-
tim’s memory accesses without knowledge of physical addresses
or shared memory when time-sharing a logical core. With Load+
Reload, we exploit the way predictor to obtain highly-accurate
memory-access traces of victims on the same physical core. While
Load+Reload relies on shared memory, it does not invalidate the
cache line, allowing stealthier attacks that do not induce any last-
level-cache evictions.
We evaluate our new side channel in different attack scenarios.
We demonstrate a covert channel with up to 588.9 kB/s, which we
also use in a Spectre attack to exfiltrate secret data from the kernel.
Furthermore, we present a key-recovery attack from a vulnerable
cryptographic implementation. We also show an entropy-reducing
attack on ASLR of the kernel of a fully patched Linux system, the
hypervisor, and our own address space from JavaScript. Finally, we
propose countermeasures in software and hardware mitigating the
presented attacks."
![;]](http://cdn.rios.hu/dl/s/v1.gif)
Új hozzászólás Aktív témák
- Eladó Ryzen 7 7700X, 7800 XT, 1Tb M.2, 750W, 32Gb DDR5 AM5 gamer pc!
- MINI PC HP PRODESK 600 G2 G3 G4 G5 i3 és i5 6-9. gen gar. Budapest MPL Foxpost
- AZTA! HP EliteBook 840 G8 Fémházas Laptop Ultrabook 14" -60% i7-1185G7 16/512 FHD IPS Iris Xe
- Asus P8H61-M LX R2.0 LGA 1155 alaplap, + Quad Core i5-2500 CPU
- LEGO Technic - Bugatti Chiron (42083)
- Gamer PC- Számítógép! Csere-Beszámítás! I3 10100F / RTX 2060 / 32GB DDR4 / 500GB SSD
- Bomba ár! Asus X540YA - AMD A8 I 8GB I 512SSD I Radeon I 15,6" FHD I Cam I W10 I Garancia!
- Gamer PC-Számítógép! Csere-Beszámítás! Ryzen 5 5500 / RX 6600XT / 32GB DDR4 / 512GB SSD
- Új állapotú, csúcstechnológiás Roborock Saros Z70 robotporszívó (katt a szóviccért!)
- BESZÁMÍTÁS! ASRock B450M R5 2600X 16GB DDR4 500GB SSD 1TB HDD GTX 1650 4GB Zalman N5 CM 450W
Állásajánlatok
Cég: FOTC
Város: Budapest