mox to Technology@lemmy.worldEnglish • 3 months agoUnpatchable vulnerability in Apple chip leaks secret encryption keysarstechnica.comexternal-linkmessage-square64arrow-up1627arrow-down17file-textcross-posted to: technology@midwest.socialapple_enthusiast@lemmy.worldtechnology@lemmy.zip
arrow-up1620arrow-down1external-linkUnpatchable vulnerability in Apple chip leaks secret encryption keysarstechnica.commox to Technology@lemmy.worldEnglish • 3 months agomessage-square64file-textcross-posted to: technology@midwest.socialapple_enthusiast@lemmy.worldtechnology@lemmy.zip
minus-square@Killing_SparklinkfedilinkEnglish8•edit-23 months agoSo the attack is (very basically, if I understand correctly) Setup: I control at least one process on the machine I am targeting another process on I can send data to the target process and the process will decrypt that Attack: I send data that in some intermediate state of decryption will look like a pointer This “pointer” contains some information about the secret key I am trying to steal The prefetcher does it’s thing loading the data “pointed to” in the cache I can observe via a cache side channel what the prefetcher did, giving me this “pointer” containing information about the secret key Repeat until I have gathered enough information about the secret key Is this somewhat correct? Those speculative execution vulnerabilities always make my brain hurt a little
So the attack is (very basically, if I understand correctly)
Setup:
Attack:
Is this somewhat correct? Those speculative execution vulnerabilities always make my brain hurt a little