Follow

hertzbleed.com/

Another week, another crippling vulnerability affecting everyone.

> Is Hertzbleed a bug?

> No. The root cause of Hertzbleed is dynamic frequency scaling, a *feature* of modern processors, used to reduce power consumption (during low CPU loads) and to ensure that the system stays below power and thermal limits (during high CPU loads).

can't make this shit up

@trickster Technically, side-channels aren't bugs.

They're also why formally verifying an algorithm or its implementation isn't sufficient to ensure it will perform as expected.

@trickster

> Why did Intel ask for a long embargo, considering they are not deploying patches?

Ask Intel.

… then perform a timing attack on their response so you can extract all of Intel keys so we can bypass Intel microcode encryption and write our own patches. Later on, we can leak all of their trade secrets and illegally build clones of their CPUs. :blobcatevil:

@avalos @trickster Intel’s engineers barely understand their CPUs, apparently, so I’m not sure how we would…

@trickster .hg dynamic frequency scaling doesn't seem frivolous—in fact, it sounds really valuable! computers use too much energy as it is; efficiency is good.

also…okay, so to exploit Heartbleed, you need to (at most) write code that speaks TLS (or at least a subset of it) and sends heartbeat packets with wrong lengths, and enumerate TLS servers to run it against. how do you exploit this one?

@trickster Reminds me of PQwak: Guessing passwords for Windows shares one character at a time.
And yes, that is 60*10 tries for a 10-character password, not 60^10.

Computer science is still in the dark ages.

@trickster at a certain point I feel like everyone will give up and make a new execution ring where hardware is fully abstracted and every virtual call is precisely time-padded

@napple jokes aside, weren't we down to like ring -3? this is starting to feel like solving highways with more lanes, i swear bro, just one lower ring

@trickster the Work will not be done until we have a ring for every int128

@napple we will no longer set traps, we'll set whole ass dungeons

@trickster Any sufficiently advanced optimization is impossible to distinguish from a side-channel attack.

@trickster I’m suddenly happy that my system is running at fixed 1.5GHz when I’m not working (for power consumption reasons; I can easily wait a moment in the evening) — and when I’m working it’s constantly around 100% load (because IntelliJ).

@trickster

Why did Intel ask for a long embargo, considering they are not deploying patches?

Ask Intel.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!