I need to upgrade to an actual 1U instead of my current VPS solution, heh ;)

Then again... I wonder who I'm sharing a hypervisor with...

John

On September 3, 2016 2:19:38 AM EDT, Georgi Guninski wrote:
> ----- Forwarded message from Georgi Guninski -----
>
> Date: Sat, 3 Sep 2016 08:49:34 +0300
> From: Georgi Guninski
> To: Jerry Leichter
> Cc: Florian Weimer, Cryptography List
> Subject: Re: [Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"
>
> On Fri, Sep 02, 2016 at 10:56:10AM -0400, Jerry Leichter wrote:
> > > Why bother with patching public keys, making them amenable to
> > > factorization, if you can patch executable code instead?
> > > If you can target executable code (and I see why not, it's all the
> > > same to KSM), it is very clear that there cannot be a software-only
> > > defense....
> > The technique cannot be aimed exactly: You can flip some
> > unpredictable, uncontrollable subset of the bits in a word. (The
> > vulnerability of particular bits is dependent on physical variations
> > in the memory cells.)
> > ...
> > Attacks against the executable code are certainly the worst case, and
> > you might be able to find security-sensitive but very rarely executed
> > code to attack. But this is likely much harder to pull off than the
> > attack outlined here.
>
> Flipping random bits in a word at chosen location is very powerful
> primitive.
>
> I am taking bets that it is moderately easy to exploit via many
> vectors.
>
> Flipping random bits of zero word make it nonzero. In a boolean
> context, this flips False and True, screwing the logic.
>
> eg in:
>
>     if(is_root || is_authorized)
>         give_em_power();
>     else
>         drop_em();
>
> ----- End forwarded message -----

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
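
The point about a flipped zero word, as an added example that is not part of the thread: it counts how many single-bit flips of a stored "deny" flag end in a grant, for the zero/nonzero test quoted above and for a hardened encoding that grants only on an exact constant. The constants and function names are constructed for illustration, and the hardening covers data flags only, not bit flips in executable code.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed constants (not from the thread); they differ in every bit. */
#define AUTH_DENY  UINT32_C(0x5AA5C33C)
#define AUTH_ALLOW UINT32_C(0xA55A3CC3)

/* Pattern from the thread: zero means "no", any nonzero word means "yes". */
static int naive_grants(uint32_t is_root, uint32_t is_authorized) {
    return (is_root || is_authorized) ? 1 : 0;
}

/* Hardened form: grant only on an exact match, so corruption fails closed. */
static int hardened_grants(uint32_t is_root, uint32_t is_authorized) {
    return (is_root == AUTH_ALLOW || is_authorized == AUTH_ALLOW) ? 1 : 0;
}

/* A value that is neither constant is evidence of memory corruption. */
static int flag_corrupted(uint32_t v) {
    return v != AUTH_ALLOW && v != AUTH_DENY;
}

/* Of the 32 single-bit flips of a stored "deny", count those that grant. */
static int naive_flip_grants(void) {
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        n += naive_grants(0, UINT32_C(0) ^ (UINT32_C(1) << bit));
    return n;
}

static int hardened_flip_grants(void) {
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        n += hardened_grants(AUTH_DENY, AUTH_DENY ^ (UINT32_C(1) << bit));
    return n;
}

/* Count the single-bit flips of "deny" that the integrity check notices. */
static int hardened_flip_detected(void) {
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        n += flag_corrupted(AUTH_DENY ^ (UINT32_C(1) << bit));
    return n;
}

int main(void) {
    printf("naive: %d/32 flips grant\n", naive_flip_grants());
    printf("hardened: %d/32 grant, %d/32 detected\n",
           hardened_flip_grants(), hardened_flip_detected());
    return 0;
}
```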