TRIPLE MELTDOWN: HOW SO MANY RESEARCHERS FOUND A 20-YEAR-OLD CHIP FLAW AT THE SAME TIME
technology·@contentjunkie·
0.000 HBDTRIPLE MELTDOWN: HOW SO MANY RESEARCHERS FOUND A 20-YEAR-OLD CHIP FLAW AT THE SAME TIME
<center>https://media.wired.com/photos/5a501026c577052074c80171/master/w_1132,c_limit/bug_collision-FINAL.jpg</center> From Wired <hr> <blockquote> ON A COLD Sunday early last month in the small Austrian city of Graz, three young researchers sat down in front of the computers in their homes, and tried to break their most fundamental security protections. Two days earlier, in their lab at Graz's University of Technology, Moritz Lipp, Daniel Gruss, and Michael Schwarz had determined to tease out an idea that had nagged at them for weeks, a loose thread in the safeguards underpinning how processors defend the most sensitive memory of billions of computers. After a Saturday night drinking with friends, they got to work the next day, each independently writing code to test a theoretical attack on the suspected vulnerability, sharing their progress via instant message. That evening, Gruss informed the other two researchers that he'd succeeded. His code, designed to steal information from the deepest, most protected part of a computer's memory known as the kernel, no longer spat out random characters, but what appeared to be real data siphoned from the sensitive guts of his machine: snippets from his web browsing history, text from private email conversations. More than a sense of achievement, he felt shock and dismay. "It was really, really scary," Gruss says. "You don’t expect your private conversations to come out of a program with no permissions at all to access that data." From his computer across the city, Lipp soon tested proof-of-concept code he'd written himself and could see the same results: URLs and file names materializing out of the digital noise. "Suddenly I could see strings that shouldn't belong there," Lipp remembers. "I thought, oh god, this is really working." <center>https://media.wired.com/photos/5a5010ab1ba7974f31ad0886/master/w_532,c_limit/Bug-Collision-Inline.jpg</center> </blockquote> Read more: https://www.wired.com/story/meltdown-spectre-bug-collision-intel-chip-flaw-discovery/ <hr> I have absolutely no evidence to back it up but I have a sneaking suspicion there are some people at the NSA that are angry their decades old exploit is going to be patched. It also makes you wonder what other attack vectors have we not found with our currently trusted chips. <h4>Leave your thoughts in the comments below.</h4> <hr> Follow @contentjunkie to stay up to date on more great posts like this one. <a href="https://steemit.com/@contentjunkie"><img src="http://i.imgsafe.org/dd8bd8753d.gif"></a>
👍 contentjunkie, cryptogee, ivet, coolthings, cryptofixer, bitrx, kitt, chair, dademurphy, sideshowbob, chart, quimby, alchemiste, statsbot, popcornmachine, wilburtsmythe, bluetrade, coolcat, newsbot, vanilla, krusty, scratchy, crashoverride, fyrst-witness, icet, shape, conky, mrssteve, cartman, aries, steemet, shapeshifter, jag, jebus, suntzu, oreo, wiggum, opall, curei, weeds, itchy, minecraftfan, mrhanky, towelie, guerilla, annul, ketchup, azz, nedd, fentan99, cancer, mrerolos, elviss, caz, jambii, charity, hansolo, katt, stun, scene, cowboycurtis, icecube, drnick, highfive, currie, qantheman, peeweeherman, rgeddes, clarence, mchammer, movietrailers, trendz, reaction, philipjfry, kickass, fulldisclosure, ladder, austinpowers, dickbutt, view, pkvlogs, telos, youngkim, digitalsecurity, steemprentice, newscrypto, etuk, zen-analyst, cephalopod, cchilds2, godo, bitcoinparadise, emi0074, palikari123,