- Milyen okostelefont vegyek?
- iPhone topik
- Megérkeztek a Xiaomi 15T sorozatának telefonjai Magyarországra
- Fotók, videók mobillal
- One mobilszolgáltatások
- Samsung Galaxy S24 - nos, Exynos
- Android alkalmazások - szoftver kibeszélő topik
- Bemutatkozott a Poco X7 és X7 Pro
- Samsung Galaxy S21 Ultra - vákuumcsomagolás
- Apple iPhone 17 Pro Max – fennsík
Hirdetés
(használd a CYBSEC25PH kuponkódot további 20 ezer ft kedvezményért!)
Új hozzászólás Aktív témák
-
S_x96x_S
addikt
péntek esti - AMD security issue ; remélem lesz rá javítás
( Érdekesség: részben az Intel szponzorálta[1] a kutatást )TLDR: "Our attacks demonstrate that AMD’s design is vulnerable to side-
channel attacks. However, we propose countermeasures in software
and hardware, allowing to secure existing implementations and
future designs of way predictors."
[1] "Additional funding was provided by generous gifts from Intel."
Azért rendes az Inteltől, hogy költ az AMD chipek biztonságosságára![;]](//cdn.rios.hu/dl/s/v1.gif)
----------
AMD | Security and privacy → Side-channel analysis and counter-
measures; Operating systems security.
https://t.co/gQ4cN9PYsX?amp=1 ( PDF)
"Take A Way: Exploring the Security Implications of AMD’s
Cache Way Predictors""To optimize the energy consumption and performance of their
CPUs, AMD introduced a way predictor for the L1-data (L1D) cache
to predict in which cache way a certain address is located. Conse-
quently, only this way is accessed, significantly reducing the power
consumption of the processor.
In this paper, we are the first to exploit the cache way predic-
tor. We reverse-engineered AMD’s L1D cache way predictor in
microarchitectures from 2011 to 2019, resulting in two new attack
techniques. With Collide+Probe, an attacker can monitor a vic-
tim’s memory accesses without knowledge of physical addresses
or shared memory when time-sharing a logical core. With Load+
Reload, we exploit the way predictor to obtain highly-accurate
memory-access traces of victims on the same physical core. While
Load+Reload relies on shared memory, it does not invalidate the
cache line, allowing stealthier attacks that do not induce any last-
level-cache evictions.
We evaluate our new side channel in different attack scenarios.
We demonstrate a covert channel with up to 588.9 kB/s, which we
also use in a Spectre attack to exfiltrate secret data from the kernel.
Furthermore, we present a key-recovery attack from a vulnerable
cryptographic implementation. We also show an entropy-reducing
attack on ASLR of the kernel of a fully patched Linux system, the
hypervisor, and our own address space from JavaScript. Finally, we
propose countermeasures in software and hardware mitigating the
presented attacks."
![;]](http://cdn.rios.hu/dl/s/v1.gif)
Új hozzászólás Aktív témák
- Update 10.10. - Bomba árak 2025-ben is! Üzleti - Consumer laptopok DELL FUJITSU HP LENOVO
- GYÖNYÖRŰ iPhone 12 Mini 64GB Black -1 ÉV GARANCIA - Kártyafüggetlen, MS3648, 96% Akkumulátor
- HIBÁTLAN iPhone 13 mini 256GB Pink -1 ÉV GARANCIA - Kártyafüggetlen, MS3440, 90% Akkumulátor
- RÉSZLETRE . OPCIONÁLIS. ThinkPad L16 Gen 1 16" WUXGA, Ultra 5, 16GB RAM, 512GB SSD SZÁMLA GARANCIA
- DELL PowerEdge R640 rack szerver - 2xGold 6138 (20c/40t, 2.0/3.7GHz), 64GB RAM,4x1G, H730 1GB, áfás
Állásajánlatok
Cég: Laptopműhely Bt.
Város: Budapest
Cég: PCMENTOR SZERVIZ KFT.
Város: Budapest