I need to upgrade to an actual 1U instead of my current VPS solution, heh ;) Then again... I wonder who I'm sharing a hypervisor with...

John

On September 3, 2016 2:19:38 AM EDT, Georgi Guninski <guninski@guninski.com> wrote:
----- Forwarded message from Georgi Guninski <guninski@guninski.com> -----
Date: Sat, 3 Sep 2016 08:49:34 +0300
From: Georgi Guninski <guninski@guninski.com>
To: Jerry Leichter <leichter@lrw.com>
Cc: Florian Weimer <fw@deneb.enyo.de>, Cryptography List <cryptography@metzdowd.com>
Subject: Re: [Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"

On Fri, Sep 02, 2016 at 10:56:10AM -0400, Jerry Leichter wrote:
Why bother with patching public keys, making them amenable to factorization, if you can patch executable code instead?
If you can target executable code (and I see why not, it's all the same to KSM), it is very clear that there cannot be a software-only defense.... The technique cannot be aimed exactly: You can flip some unpredictable, uncontrollable subset of the bits in a word. (The vulnerability of particular bits is dependent on physical variations in the memory cells.)
...
Attacks against the executable code are certainly the worst case, and you might be able to find security-sensitive but very rarely executed code to attack. But this is likely much harder to pull off than the attack outlined here.
Flipping random bits in a word at a chosen location is a very powerful primitive.
I am taking bets that it is moderately easy to exploit via many vectors.
Flipping random bits of a zero word makes it nonzero.
In a boolean context, this flips False and True, screwing the logic.
e.g. in:

    if (is_root || is_authorized)
        give_em_power();
    else
        drop_em();

----- End forwarded message -----
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
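
The boolean-context point in the forwarded message, as an added example that is not part of the original thread: it counts how many single-bit flips of a "false" flag grant access under plain C truthiness, next to a flag encoding that fails closed on any unexpected value. The names, constants and three-way result are assumptions made for illustration; this narrows the data-word case only and does nothing about flips in executable code, which the thread also raises.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed example; all names and constants are hypothetical. */

/* The check from the message: zero is false, any other value is true. */
static int naive_allows(uint32_t is_root, uint32_t is_authorized) {
    return is_root || is_authorized;
}

/* Hardened encoding: two fixed patterns that are bitwise complements
 * (Hamming distance 32). Any other value is treated as corruption. */
#define FLAG_TRUE  0xA5C33C5Au
#define FLAG_FALSE 0x5A3CC3A5u

enum decision { DENY = 0, ALLOW = 1, CORRUPT = 2 };

static int flag_valid(uint32_t f) { return f == FLAG_TRUE || f == FLAG_FALSE; }

static enum decision hardened_allows(uint32_t is_root, uint32_t is_authorized) {
    if (!flag_valid(is_root) || !flag_valid(is_authorized))
        return CORRUPT;               /* fail closed: caller must deny and alert */
    return (is_root == FLAG_TRUE || is_authorized == FLAG_TRUE) ? ALLOW : DENY;
}

/* Of the 32 single-bit flips of a "false" is_root, how many grant access? */
static int naive_single_flip_grants(void) {
    int n = 0;
    for (int b = 0; b < 32; b++)
        n += naive_allows(0u ^ (UINT32_C(1) << b), 0u) ? 1 : 0;
    return n;
}

static int hardened_single_flip_grants(void) {
    int n = 0;
    for (int b = 0; b < 32; b++)
        n += hardened_allows(FLAG_FALSE ^ (UINT32_C(1) << b), FLAG_FALSE) == ALLOW;
    return n;
}

int main(void) {
    printf("naive:    %d of 32 single-bit flips grant access\n", naive_single_flip_grants());
    printf("hardened: %d of 32 single-bit flips grant access\n", hardened_single_flip_grants());
    return 0;
}
```

With the complementary patterns, turning a stored "false" into a valid "true" requires all 32 bits to flip; every smaller subset lands on the CORRUPT path.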