meltdown   1852

« earlier    

The 2008 Meltdown And Where The Blame Falls
The 2008 Meltdown And Where The Blame Fall
The  2008  Meltdown  And  Where  Blame  Falls  forbes 
13 days ago by kilroy2
'CVS: cvs.openbsd.org: src' - MARC
Add protection for private keys at rest in RAM against speculation
and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and
Rambleed. This change encrypts private keys when they are not in use
with a symmetic key that is derived from a relatively large "prekey"
consisting of random data (currently 16KB).

Attackers must recover the entire prekey with high accuracy before
they can attempt to decrypt the shielded private key, but the current
generation of attacks have bit error rates that, when applied
cumulatively to the entire prekey, make this unlikely.

Implementation-wise, keys are encrypted "shielded" when loaded and then
automatically and transparently unshielded when used for signatures or
when being saved/serialised.

Hopefully we can remove this in a few years time when computer
architecture has become less unsafe.
Meltdown  spectre  rowhammer  rambleed  security  intel  cpu  memory  computer 
24 days ago by dentarg
Twitter
And the nightmare continues ... I wonder whether a more would help ... " Redux:
Intel  Flaw  OpenHardware  Meltdown  from twitter
8 weeks ago by cveira
Twitter
Where does Microarchitectural Data Sampling fit in terms of , and ? Learn about how these le…
Meltdown  L1TF  Spectre  from twitter_favs
8 weeks ago by peterhoneyman
Twitter
: a new attack on CPUs leaking data which is currently loaded from memory - across prog…
Meltdown  ZombieLoad  Intel  from twitter_favs
8 weeks ago by quake0day
GPUs Found Vulnerable to Side-Channel Attacks
Since Spectre and Meltdown were demonstrated at the beginning of 2018, researchers have been discovering many variants of side-channel vulnerabilities affecting both Intel and AMD CPUs. GPUs seemed instead to be immune to such attacks. Until now, that is.
spectre  meltdown  security 
february 2019 by twleung

« earlier    

related tags

(5.14c)  2008  2018  2019  7  9th  access  added  admin  advice  amd  analysis  and  ann  ansible  approaches  architecture  arm  arstechnica  ascent  ascents  attack  backdoors  benchmarks  best-of  blame  brendangregg  browser  bubble2  bug  bugs  c++  c  carlo  casey-muratori  check  checker  children  chrome  cis3360  cis4615  clang  comic  compiler  compilers  computer  computer_security  computers  cop4600  coulter  cpu  cpuarch  cpus  crash  cry  culprit  currencies  cve  cvs  data  debian  debugging  disagreement  dma  doom  dv  editorial  emerging  engineering  exploit  exploitation  fail  failboat  falls  finance  firmware  flaw  forbes  free  free_software  freebsd  fun  funny  geek  gen  github  hacker_news  hacking  hardware  history  hp  humor  ifttt  immiigration  infosec  intel's  intel  interesting  internet-infrastructure  ir  javascript  jeanine:  js  judge  kernel  kids  kpti  l1tf  left  line  linux  magic  makes  management  market  mds  meltup  memory  microcode  microsoft  more  mte  much  news:  nose  of  openhardware  os  paper  parallelism  parenting  patch  pcileech  pentesting  performance  postgresql  powershell  privileged  profiling  programming  protection  prozessor  rambleed  rant  redpoint  repeat  repository  research  rowhammer  script  second  security  shares  si  snippet  specter  spectre  speculation  speculative-execution  speculative  sysadmin  test  the  threading  timer  tips  to  tools  traversi  tricks  trump  twitter  two  usa  video  virus  visualstudio  vulnerability  wall  web  where  windows  work  xen  xkcd  yosemite  zdnet  zombieload 

Copy this bookmark:



description:


tags: