Papers of the day   All papers

Speculative Dereferencing of Registers: Reviving Foreshadow

Comments

Matthew Garrett: cloud provider: oh hey you guys are back early security researcher: cpu's haunted cloud provider: what security researcher: *flushing cache and reloading registers* cpu's haunted https://twitter.com/Underfox3/status/1291595231440384005

4 replies, 366 likes


Underfox: Researchers have discovered a novel way to exploit speculative dereferences,enabling direct leakage of data values stored in registers, showing that this effect can be adapted to Foreshadow by using addresses not valid in any address space of the guest. https://arxiv.org/pdf/2008.02307.pdf https://t.co/6HdjU2nDep

3 replies, 259 likes


Ian Coldwater 📦💥: HAPPY FRIDAY 💥

7 replies, 92 likes


halvarflake: I shouldn't comment on this, but I have repeatedly said (until my voice broke down): KASLR is not a mitigation that has a chance of surviving against a local attacker, and should not be treated as such. Another case in point: https://arxiv.org/pdf/2008.02307.pdf

4 replies, 90 likes


Chandler Carruth: Alternate framing I prefer: Researchers clearly document the extent and easiest mechanisms for some of the last rounds of speculative execution data leaks. While not novel, essential and overdue. And in doing so, they found painful gaps in some systems' mitigations. 🤦🏻

0 replies, 49 likes


Tinker Fairy: They replaced the prefetches with NOPs and it still prefetches! 💖

3 replies, 38 likes


Adrian Rueegsegger: So @lavados, @misc0110 et al released a new paper called “ Speculative Dereferencing of Registers: Reviving Foreshadow” getting at the root cause of Foreshadow making it clear that it’s not just Intel that’s affected but AMD, ARM etc too. Nice work! https://arxiv.org/pdf/2008.02307.pdf https://t.co/1oNdNuWclJ

1 replies, 32 likes


/r/netsec: Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks https://modernnetsec.io/intel-arm-ibm-amd-processors-vulnerable-to-new-side-channel-attacks/

0 replies, 7 likes


Content

Found on Aug 07 2020 at https://arxiv.org/pdf/2008.02307.pdf

PDF content of a computer science paper: Speculative Dereferencing of Registers: Reviving Foreshadow