DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 20th October 2016
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 344
Default Researchers Bypass ASLR Protection on Intel Haswell CPUs

Quote:
A team of scientists from two US universities has devised a method of bypassing ASLR (Address Space Layout Randomization) protection by taking advantage of the BTB (Branch Target Buffer), a component included in many modern CPU architectures, including Intel Haswell CPUs, the processor they used for tests in their research.
http://news.softpedia.com/news/resea...u-509460.shtml
http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
Added:
Some people argue that attack is not such a problem, because attack not remote.
https://gist.github.com/lattera/c785...addf8c6017c7d0
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase

Last edited by e1-531g; 20th October 2016 at 09:42 AM. Reason: added important link
Reply With Quote
  #2   (View Single Post)  
Old 21st October 2016
ibara's Avatar
ibara ibara is offline
vBSDcon 2017 troublemaker
 
Join Date: Jan 2014
Posts: 450
Default

The "some people" referenced above in Shawn Webb, the person behind HardenedBSD. Whether or not his knowledge and expertise in OS security is meaningful in commenting on the article is of course an exercise left up to the reader.
Reply With Quote
  #3   (View Single Post)  
Old 15th February 2017
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 344
Default

Another attack on ALSR
https://arstechnica.com/security/201...-much-nastier/

Imho ALSR is not broken in all cases, but only when attacker makes victim to execute malicious program, be it native OS application or Javascript on the web page. It is still good protection against untrusted data parsed by programs such as PDF readers, image viewers, multimedia players.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
Reply

Tags
aslr, aslr bypass, cpu, security

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
USB3 issues on Haswell laptop sspiff OpenBSD General 1 28th November 2014 12:33 PM
X11 and Haswell Intel 4600 tavrion NetBSD Installation and Upgrading 16 7th July 2013 12:26 PM
Security Intel CPUs affected by VM privilege escalation exploit J65nko News 9 18th June 2012 11:51 PM
ASLR to be mandatory for binary Firefox extensions J65nko News 1 28th February 2012 03:33 PM
CAPTCHA schemes still easy to bypass J65nko News 8 7th November 2011 08:09 PM


All times are GMT. The time now is 06:13 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick