![]() Often, the cache layout information is quickly degraded by other operations being performed by the code under attack. Furthermore you need that cache layout to remain intact long enough that your eavesdropping code can observe it. Some key piece of data you are trying to steal needs to be used to calculate addresses that conveniently span lots of cache lines to give you some good cache side channel information to spy on later. In other words the data has to influence the memory access pattern in a particularly convenient way. In this context a strong signal means a cache line access pattern that itself reveals some secret data. For the attack to work, there needs to be a strong signal coming from the victim application you are trying to eavesdrop upon and locating this has been the biggest challenge for the attacker. However The Register and Ars Technica amongst others have provided some excellent coverage which I won’t repeat again here.Ĭache side channel attacks are not new but until now many of those attacks have been somewhat contrived. In part two I shine the spotlight on the implications for mobile security, and for Android in particular.Īlthough patches for these bugs have been in the works for some time, the announcements have been rushed out and it has showed at times. In part one of this two part blog I will look at these bugs from a high level. It was dominated by the Meltdown and Spectre CPU bug announcements - 2018 has certainly got off to an interesting start. There is much to discuss in the wake of the security news flow last week. I am sure we’ll be discussing this for some time as we continue to pour light on the matter. In addition to the article, readers may also be interested to view the official guidance from the UK’s National Cyber Security Centre, which can be found here. Our friends over at Critical Blue have written a very good blog post on the subject and we’re delighted that they have allowed us to reproduce it here – original links are preserved, as direct links to the original source too. Basic advice prevails – update your software (and software tools if you’re a vendor) as soon as you can. We’re pleased to say that ‘industry’ has been collaborating to minimise the risks and software updates and mitigating actions are rolling out. However, its also fair to say that we wouldn’t necessarily know anyhow as the exploits would be hard to detect. We’ve been having quite a discussion internally at IoTSF as to the technical nature of the exploits, the impact they may have and, as you’d expect, some raised eyebrows due to the fact that these have been hiding in plain sight for quite some time.Īs I write this introduction to a much fuller consideration of the two, there are no known incidents which have been identified on either Meltdown or Spectre. ![]() If you are using one of the following OSs, visit their official website for more details.Welcome to 2018, and welcome #Meltdown and #Spectre – a new duo of vulnerabilities which are shaking the security world, and the IoT world, to the very core – the processor core(s) that is. Ubuntu: Add the kernel parameter nospectre_v2=off.CentOS, EulerOS, Fedora, Debian, Red Hat, and OpenSUSE: Add the kernel parameter spectre_v2=off.To prevent the Spectre vulnerability fixing from deteriorating the system performance, or a better protection solution is available, perform the following operations to disable the patch: Disabling the Spectre Vulnerability Patch.Debian and OpenSUSE: Add the kernel parameter pti=off.CentOS, EulerOS, Ubuntu, Fedora, and Red Hat: Add the kernel parameter nopti.To prevent the enabling of PTI from deteriorating the system performance, or a better protection solution is available, perform the following operations to disable the patch: Disabling the Meltdown Vulnerability Patch.No obvious impact was detected for the patch in Red Hat performance tests. The CVE-2017-5753 vulnerability is fixed by a kernel patch and cannot be disabled.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |