Category: intel

Auto Added by WPeMatico

Another Intel Speculative Execution Vulnerability

Posted on By infossl
exploits, hacking, hardware, intel, keys, Security technology, sidechannelattacks, vulnerabilities

Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data. Now that they — and the research into the Intel ME vulnerability — have shown researchers where to look, more is coming — and what they’ll find will be worse … Read More “Another Intel Speculative Execution Vulnerability” »

Attack Against PC Thunderbolt Port

Posted on By infossl
hacking, intel, linux, physicalsecurity, Security technology, vulnerabilities, windows

The attack requires physical access to the computer, but it’s pretty devastating: On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can bypass the login screen of a sleeping or locked computer — and even its hard disk encryption — to gain full access to the computer’s data. And while his attack in … Read More “Attack Against PC Thunderbolt Port” »

Another Side Channel in Intel Chips

Posted on By infossl
intel, Security technology, sidechannelattacks

Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU’s last-level cache, rather than following the standard (and significantly longer) path through the server’s main memory. By avoiding system memory, Intel’s DDIO­short for … Read More “Another Side Channel in Intel Chips” »

Attacking the Intel Secure Enclave

Posted on By infossl
academicpapers, computersecurity, intel, malware, Security technology

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that’s not true. And there are no security mechanisms that can deal with malicious enclaves, because the designers couldn’t imagine that they would be necessary. The … Read More “Attacking the Intel Secure Enclave” »

Another Intel Chip Flaw

Posted on By infossl
hardware, intel, Security technology, vulnerabilities

Remember the Spectre and Meltdown attacks from last year? They were a new class of attacks against complex CPUs, finding subliminal channels in optimization techniques that allow hackers to steal information. Since their discovery, researchers have found additional similar vulnerabilities. A whole bunch more have just been discovered. I don’t think we’re finished yet. A … Read More “Another Intel Chip Flaw” »

More Spectre/Meltdown-Like Attacks

Posted on By infossl
hacking, hardware, intel, Security technology, vulnerabilities

Back in January, we learned about a class of vulnerabilities against microprocessors that leverages various performance and efficiency shortcuts for attack. I wrote that the first two attacks would be just the start: It shouldn’t be surprising that microprocessor designers have been building insecure hardware for 20 years. What’s surprising is that it took 20 … Read More “More Spectre/Meltdown-Like Attacks” »

Speculation Attack Against Intel’s SGX

Posted on By infossl
hardware, intel, Security technology, sidechannelattacks, vulnerabilities

Another speculative-execution attack against Intel’s SGX. At a high level, SGX is a new feature in modern Intel CPUs which allows computers to protect users’ data even if the entire system falls under the attacker’s control. While it was previously believed that SGX is resilient to speculative execution attacks (such as Meltdown and Spectre), Foreshadow … Read More “Speculation Attack Against Intel’s SGX” »

Another Spectre-Like CPU Vulnerability

Posted on By infossl
hardware, intel, microsoft, Security technology, sidechannelattacks, vulnerabilities

Google and Microsoft researchers have disclosed another Spectre-like CPU side-channel vulnerability, called “Speculative Store Bypass.” Like the others, the fix will slow the CPU down. The German tech site Heise reports that more are coming. I’m not surprised. Writing about Spectre and Meltdown in January, I predicted that we’ll be seeing a lot more of … Read More “Another Spectre-Like CPU Vulnerability” »

Another Branch Prediction Attack

Posted on By infossl
academicpapers, hardware, intel, Security technology, sidechannelattacks, vulnerabilities

When Spectre and Meltdown were first announced earlier this year, pretty much everyone predicted that there would be many more attacks targeting branch prediction in microprocessors. Here’s another one: In the new attack, an attacker primes the PHT and running branch instructions so that the PHT will always assume a particular branch is taken or … Read More “Another Branch Prediction Attack” »

The Effects of the Spectre and Meltdown Vulnerabilities

Posted on By infossl
cloudcomputing, intel, internetofthings, patching, Security technology, vulnerabilities

On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors’ manufacturers, and patched­ — at least to the extent possible. This news isn’t really any different from the usual endless stream … Read More “The Effects of the Spectre and Meltdown Vulnerabilities” »