|
TLBleed
TLBleed is a cryptographic side-channel attack that uses machine learning to exploit a timing side-channel via the translation look-aside buffer (TLB) on modern microprocessors that use simultaneous multithreading. , the attack has only been demonstrated experimentally on Intel processors; it is speculated that other processors may also potentially be vulnerable to a variant of the attack, but no proof of concept has been demonstrated. AMD had indicated that their processors would not be vulnerable to this attack. The attack led to the OpenBSD project disabling simultaneous multithreading on Intel microprocessors. The OpenBSD project leader Theo de Raadt has stated that, while the attack could theoretically be addressed by preventing tasks with different security contexts from sharing physical cores, such a fix is currently impractical because of the complexity of the problem. See also * Transient execution CPU vulnerability * Zombieload The Microarchitectural Data Sampli ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Simultaneous Multithreading
Simultaneous multithreading (SMT) is a technique for improving the overall efficiency of superscalar CPUs with hardware multithreading. SMT permits multiple independent threads of execution to better use the resources provided by modern processor architectures. Details The term ''multithreading'' is ambiguous, because not only can multiple threads be executed simultaneously on one CPU core, but also multiple tasks (with different page tables, different task state segments, different protection rings, different I/O permissions, etc.). Although running on the same core, they are completely separated from each other. Multithreading is similar in concept to preemptive multitasking but is implemented at the thread level of execution in modern superscalar processors. Simultaneous multithreading (SMT) is one of the two main implementations of multithreading, the other form being temporal multithreading (also known as super-threading). In temporal multithreading, only one thre ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Side-channel Attack
In computer security, a side-channel attack is a type of security exploit that leverages information inadvertently leaked by a system—such as timing, power consumption, or electromagnetic or acoustic emissions—to gain unauthorized access to sensitive information. These attacks differ from those targeting flaws in the design of cryptographic protocols or algorithms. (Cryptanalysis may identify vulnerabilities relevant to both types of attacks). Some side-channel attacks require technical knowledge of the internal operation of the system, others such as differential power analysis are effective as black-box attacks. The rise of Web 2.0 applications and software-as-a-service has also significantly raised the possibility of side-channel attacks on the web, even when transmissions between a web browser and server are encrypted (e.g. through HTTPS or WiFi encryption), according to researchers from Microsoft Research and Indiana University. Attempts to break a cryptosystem by ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Machine Learning
Machine learning (ML) is a field of study in artificial intelligence concerned with the development and study of Computational statistics, statistical algorithms that can learn from data and generalise to unseen data, and thus perform Task (computing), tasks without explicit Machine code, instructions. Within a subdiscipline in machine learning, advances in the field of deep learning have allowed Neural network (machine learning), neural networks, a class of statistical algorithms, to surpass many previous machine learning approaches in performance. ML finds application in many fields, including natural language processing, computer vision, speech recognition, email filtering, agriculture, and medicine. The application of ML to business problems is known as predictive analytics. Statistics and mathematical optimisation (mathematical programming) methods comprise the foundations of machine learning. Data mining is a related field of study, focusing on exploratory data analysi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Timing Side-channel Attack
In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and the time can differ based on the input; with precise measurements of the time for each operation, an attacker can work backwards to the input. Finding secrets through timing information may be significantly easier than using cryptanalysis of known plaintext, ciphertext pairs. Sometimes timing information is combined with cryptanalysis to increase the rate of information leakage. Information can leak from a system through measurement of the time it takes to respond to certain queries. How much this information can help an attacker depends on many variables: cryptographic system design, the CPU running the system, the algorithms used, assorted implementation details, timing attack countermeasures, the accuracy of the timing measurements, e ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Translation Look-aside Buffer
A translation lookaside buffer (TLB) is a memory cache that stores the recent translations of virtual memory address to a physical memory location. It is used to reduce the time taken to access a user memory location. It can be called an address-translation cache. It is a part of the chip's memory-management unit (MMU). A TLB may reside between the CPU and the CPU cache, between CPU cache and the main memory or between the different levels of the multi-level cache. The majority of desktop, laptop, and server processors include one or more TLBs in the memory-management hardware, and it is nearly always present in any processor that uses paged or segmented virtual memory. The TLB is sometimes implemented as content-addressable memory (CAM). The CAM search key is the virtual address, and the search result is a physical address. If the requested address is present in the TLB, the CAM search yields a match quickly and the retrieved physical address can be used to access memory. This ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intel
Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer components such as central processing units (CPUs) and related products for business and consumer markets. It is one of the world's List of largest semiconductor chip manufacturers, largest semiconductor chip manufacturers by revenue, and ranked in the Fortune 500, ''Fortune'' 500 list of the List of largest companies in the United States by revenue, largest United States corporations by revenue for nearly a decade, from 2007 to 2016 Fiscal year, fiscal years, until it was removed from the ranking in 2018. In 2020, it was reinstated and ranked 45th, being the List of Fortune 500 computer software and information companies, 7th-largest technology company in the ranking. It was one of the first companies listed on Nasdaq. Intel supplies List of I ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenBSD
OpenBSD is a security-focused operating system, security-focused, free software, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by fork (software development), forking NetBSD 1.0. The OpenBSD project emphasizes software portability, portability, software standard, standardization, software bug, correctness, proactive computer security, security, and integrated cryptography. The OpenBSD project maintains portable versions of many subsystems as package manager, packages for other operating systems. Because of the project's preferred BSD license, which allows binary redistributions without the source code, many components are reused in proprietary and corporate-sponsored software projects. The firewall (computing), firewall code in Apple Inc., Apple's macOS is based on OpenBSD's PF (firewall), PF firewall code, Android (operating system), Android's Bionic (software), Bionic C standard library is based on OpenBSD c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transient Execution CPU Vulnerability
Transient execution CPU vulnerabilities are vulnerabilities in which instructions, most often optimized using speculative execution, are executed temporarily by a microprocessor, without committing their results due to a misprediction or error, resulting in leaking secret data to an unauthorized party. The archetype is Spectre, and transient execution attacks like Spectre belong to the cache-attack category, one of several categories of side-channel attacks. Since January 2018 many different cache-attack vulnerabilities have been identified. Overview Modern computers are highly parallel devices, composed of components with very different performance characteristics. If an operation (such as a branch) cannot yet be performed because some earlier slow operation (such as a memory read) has not yet completed, a microprocessor may attempt to ''predict'' the result of the earlier operation and execute the later operation ''speculatively'', acting as if the prediction were correct. Th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Zombieload
The Microarchitectural Data Sampling (MDS) vulnerabilities are a set of weaknesses in Intel x86 microprocessors that use hyper-threading, and leak data across protection boundaries that are architecturally supposed to be secure. The attacks exploiting the vulnerabilities have been labeled Fallout, RIDL (''Rogue In-Flight Data Load''), ZombieLoad., and ZombieLoad 2. Description The vulnerabilities are in the implementation of speculative execution, which is where the processor tries to guess what instructions may be needed next. They exploit the possibility of reading data buffers found between different parts of the processor. * Microarchitectural Store Buffer Data Sampling (MSBDS), * Microarchitectural Load Port Data Sampling (MLPDS), * Microarchitectural Fill Buffer Data Sampling (MFBDS), * Microarchitectural Data Sampling Uncacheable Memory (MDSUM), *Transactional Asynchronous Abort (TAA)CVE-2019-11135 Not all processors are affected by all variants of MDS. History Acco ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
2018 In Computing
Significant events that have occurred in 2018 in all fields of technology, including computing, robotics, electronics, as well as any other areas of technology as well, including any machines, devices, or other technological developments, occurrences, and items. January *1 January – Researchers at Harvard, writing in '' Nature Nanotechnology'', report the first single lens that can focus all colours of the rainbow in the same spot and in high resolution, previously only achievable with multiple lenses. *2 January – Physicists at Cornell University report the creation of "muscle" for shape-changing, cell-sized robots. *3 January **Computer researchers report discovering two major security vulnerabilities, named " Meltdown" and " Spectre," in the microprocessors inside almost all computers in the world. **Scientists in Rome unveil the first bionic hand with a sense of touch that can be worn outside a laboratory. *4 January – MIT researchers devise a new method to create s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hardware Bugs
Hardware may refer to: Technology Computing and electronics * Electronic hardware, interconnected electronic components which perform analog or logic operations ** Digital electronics, electronics that operate on digital signals *** Computer hardware, physical parts of a computer *** Networking hardware, devices that enable use of a computer network ** Electronic component, device in an electronic system used to affect electrons, usually industrial products Other technologies * Household hardware, equipment used for home repair and other work, such as fasteners, wire, plumbing supplies, electrical supplies, utensils, and machine parts *Builders hardware, metal hardware for building fixtures, such as hinges and latches * Hardware (development cooperation), in technology transfer * Drum hardware, used to tension, position, and support the instruments * Military technology, application of technology to warfare * Music hardware, devices other than instruments to create music Entertain ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
