[Info-vax] Intel x86-64 Processor Design Security Vulnerability?

Arne Vajhøj arne at vajhoej.dk
Thu Jan 4 11:36:45 EST 2018


On 1/4/2018 9:06 AM, Bob Gezelter wrote:
> With all due respect, the Spectre "site" is a gateway to the papers
> written by the teams that discovered both exploits.
> 
> As Hoff has noted, breaking address space randomization is not
> presently an issue for OpenVMS, as OpenVMS does not yet (emphasis,
> YET) randomize addresses.
> 
> However, the comments about using areas of code in the kernel mapping
> region are of interest. The exploitation of the interaction between
> speculative execution (or fetching) to uncover the values of
> otherwise inaccessible data is a processor flaw. Fixing an exploit
> which uses cache timing to uncover data is going to be an interesting
> challenge.
> 
> Bottom line: The vulnerability is subtle and elegant. Best starting
> point is to read the papers thoroughly.

Well - I am not really that much into hardware and
security at this level.

But to me it seems like this is sort of an involuntary
variant of the voluntary covert channel concept discussed
30 years ago in the Orange Book and B1/B2 level.

Arne



