pavelmachek (pavelmachek) wrote,
pavelmachek
pavelmachek

Security getting hard/impossible on recent systems

Cache attacks: this is not good. Ok, so we have a rowhammer: basically very common, hard-to-work-around, hardware problem. Bits in your memory may flip. Deal with it.
And now, there are cache attacks, too. Users should not be able to spy on each other on multiuser system, but they very probably can. In particular, other users can tell which parts of emacs you are executing, and when. They can probably not distinguish what characters you are typing, but they can probably learn when you are typing space, normal letter, or moving cursor. Ouch. And if they indeed can spy on individual characters... you can hardly blame emacs. With plain keyboard, cache attack on individual letters is probably not feasible. With t-9 like system on touchscreen... it probably is. Deal with it. But how?
Subscribe

  • Certified danger

    I suspected Linux Foundation went to the dark side when they started strange deals with Microsoft. But I'm pretty sure they went to dark side…

  • Pretty big side-effect

    Timing and side-channels are not normally considered side-effects, meaning compilers and cpus feel free to do whatever they want. And they do.…

  • Complex cameras coming to PCs

    It seems PCs are getting complex cameras. Which is bad news for PCs, because existing libv4l2 will not work there, but good news for OMAP3, as there…

  • Post a new comment

    Error

    switch
    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
    Help
  • 0 comments