oh there's a red hat advisory that says "uh yeah you'll need to update hardware to mitigate this. It's not used yet so that's all we have to say" https://access.redhat.com/articles/1377393
@velartrill "mitigation: uh change your ram I guess" okay uhhh
I think most non-security people think that this distinction is bigger than it is.
(concept of an attack vs practical proof of concept)
It's like deprecating bad cryptography: theoretical attacks gradually become practical ones and it takes a really long time to mitigate stuff. Hardware is in that category too.
No idea why governments (ok, US+EU) do not have hardware security verification task forces yet with serious funding.
Instead we rely on...Uni Graz etc to find the problems.
@szbalint sure, but I mean it's not like heartbleed where you could just take the piece of code and run it to get data, here you need to figure out what you're trying to read, massage the memory, get the data, recover it, etc
@wxcafe AMD CPUs have a feature to encrypt VMs' RAM, it looks like it could work as a mitigation.
@val yeah SEV, I read about it
that's nice and all, but uh, noone uses AMD cpus in datacenters, so. It'd still require changing all hardware
@wxcafe Some Kimsufi/Soyoustart and Online.net servers have an AMD CPU; though only Online's seem to be recent enough to support this extension
@val yeah, very low end dedicated hardware have this
dedicated hardware doesn't really need this though. cloud providers need this, and everyone uses intel
@wxcafe cloud hosting companies are so fucked (mostly by Intel but also by other hardware makers aswell).
Turns out security has to start in the hardware. If one thing Intel has learned since 1990 is never to acknowledge the impact of a hardware bug/design issue.
@szbalint I know, I'm the cloud lol
@szbalint but like honestly, https://social.wxcafe.net/@wxcafe/102268596729720160 it'll probably be like meltdown and be mitigated in 6 months with some performance hit
@wxcafe I'd love to see Project Zero's "unfixable hardware vulnerabilities" list and their mitigation planning.
That kind of thing turns people towards bottles of vodka.
@wxcafe oh FFS, we aren't even secure on a chip with no branch prediction now
On a server, if you can privelege-escalate, you can then steal data from *the other customers of the cloud service*. That's what makes it financially lucrative. That's why the voltage and timing tricks are, in any universe, worth it.
Meanwhile, windows barely even has ASLR, so these attacks aren't really needed on most desktops. Softer targets abound
@wxcafe AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA !