Announcement

Collapse
No announcement yet.

New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

    Phoronix: New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

    In addition to the JCC erratum being made public today and that performance-shifting Intel microcode update affecting Skylake through Cascade Lake, researchers also announced a new ZombieLoad side-channel attack variant dubbed "TSX Asynchronous Abort" or TAA for short...

    http://www.phoronix.com/scan.php?pag...-TAA-Announced

  • #2
    This sentence is wonky:
    It is recommended to disable Hyper Threading while they ultimately Cyberus recommend running trusted/untrusted applications on separate physical systems.

    Comment


    • #3
      Originally posted by JonathanM View Post
      This sentence is wonky: "It is recommended to disable Hyper Threading while they ultimately Cyberus recommend running trusted/untrusted applications on separate physical systems."
      Ah I see what happened, should read: "It is recommended to disable Hyper Threading while they ultimately f*ck us and recommend running trusted/untrusted applications on separate physical systems."

      Comment


      • #4
        Oh Intel you can't be serious

        Comment


        • #5
          Demonstration (quite scary and effective):



          Exploit: https://github.com/IAIK/ZombieLoad/

          AMD CPUs are not affected.

          Again, if you're not running untrusted code on your system (a web browser with enabled JS does run it), there's nothing to worry about.

          In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.
          Last edited by birdie; 11-12-2019, 03:37 PM.

          Comment


          • #6
            I have a better fix.
            I will disable my Intel CPU altogether.

            Comment


            • #7
              Originally posted by birdie View Post
              Again, if you're not running untrusted code on your system (a web browser with enabled JS does run it), there's nothing to worry about.

              In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.
              so it affects cloud providers and anyone who uses a web browser.

              Comment


              • #8
                Originally posted by birdie View Post
                Demonstration (quite scary and effective):
                In short: this new vulnerability again mostly affects cloud providers and users who run untrusted random code off the net.
                I think you're missing the bigger picture.
                The big picture is that there is a new class of exploits out there.
                And one of the vendors is looking more like a big sieve from my point of view.
                Actually the sieve is looking like a total rot and rusted away, leaving nothing but a gaping hole.

                So if you're crafting a zeroday for this class of exploits, one of the vendors is looking like the more vulnerable target.
                And you can _bet_ that people are working on unknown exploits in this class.

                Comment


                • #9
                  Are processors prior to Cascade Lake also vulnerable?
                  Is Ice Lake (it uses a new architecture) also vulnerable?

                  Intel CPUs and x86 in general makes me think about Swiss cheese — it's full of holes.

                  Comment


                  • #10
                    "Zombieland" - is that the name of the exploit, or the re-branding of all of Intel's chip lines?

                    I feel like "can't we just rip the bandage off all at once and do all the exploits and mitigations in one big batch?" But then, I'd probably be stuck with a computer that would never boot again.

                    Comment

                    Working...
                    X