|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|||
Researchers Bypass ASLR Protection on Intel Haswell CPUs
Quote:
http://www.cs.ucr.edu/~nael/pubs/micro16.pdf Added: Some people argue that attack is not such a problem, because attack not remote. https://gist.github.com/lattera/c785...addf8c6017c7d0
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase Last edited by e1-531g; 20th October 2016 at 09:42 AM. Reason: added important link |
|
|||
The "some people" referenced above in Shawn Webb, the person behind HardenedBSD. Whether or not his knowledge and expertise in OS security is meaningful in commenting on the article is of course an exercise left up to the reader.
|
|
|||
Another attack on ALSR
https://arstechnica.com/security/201...-much-nastier/ Imho ALSR is not broken in all cases, but only when attacker makes victim to execute malicious program, be it native OS application or Javascript on the web page. It is still good protection against untrusted data parsed by programs such as PDF readers, image viewers, multimedia players.
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
Tags |
aslr, aslr bypass, cpu, security |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
USB3 issues on Haswell laptop | sspiff | OpenBSD General | 1 | 28th November 2014 12:33 PM |
X11 and Haswell Intel 4600 | tavrion | NetBSD Installation and Upgrading | 16 | 7th July 2013 12:26 PM |
Security Intel CPUs affected by VM privilege escalation exploit | J65nko | News | 9 | 18th June 2012 11:51 PM |
ASLR to be mandatory for binary Firefox extensions | J65nko | News | 1 | 28th February 2012 03:33 PM |
CAPTCHA schemes still easy to bypass | J65nko | News | 8 | 7th November 2011 08:09 PM |