Melroy van den Berg · @melroy
77 followers · 511 posts · Server mastodon.melroy.org

When looking at all the CPU vulnerabilities in the recent years even until this day. We see mitigations taking place in microcode or OS level. But the performance impact is huge! Sometimes 30%-50% decrease in performance on specific tasks like databases!
Question: can we get some compensation as consumer? Since both Intel and AMD sold hardware that doesn't give the promised results.

#specre #meltdown #hertzbleed #zenbleed #inception #vulnerability #security #secops #compensation #money

Last updated 1 year ago

Daniel J. Bernstein · @djb
1904 followers · 22 posts · Server mastodon.cr.yp.to

New blog post "Turbo Boost: How to perpetuate security problems." blog.cr.yp.to/20230609-turbobo with special guest appearances from Shark, Fluffy, and Turbo Boost Max Ultra Hyper Performance Extreme.

#overclocking #performancehype #power #timing #hertzbleed #riskmanagement #environment

Last updated 1 year ago

Nicola Tuveri · @romen
32 followers · 142 posts · Server floss.social

RT @hashbreaker@twitter.com

New resource page available on timing attacks, including recommendations for action to take regarding overclocking attacks such as : timing.attacks.cr.yp.to Don't wait for the next public overclocking attack; take proactive steps to defend your data against compromise.

🐦🔗: twitter.com/hashbreaker/status

#hertzbleed

Last updated 2 years ago

Tech News Worldwide · @TechNews
11313 followers · 97998 posts · Server aspiechattr.me
Matej Ľach ✅ · @MatejLach
700 followers · 6442 posts · Server social.matej-lach.me

Has anyone seen an explanation for why got notified of several months after that doesn't make me immediately suspicious of the researchers?

#amd #hertzbleed #intel

Last updated 2 years ago

TheBuggers :mastodon: · @thebuggers
48 followers · 1123 posts · Server mastodon.online

Sicherheitslücke Hertzbleed:

ist eine neue Familie von : Frequenzseitenkanäle. Im schlimmsten Fall können diese Angriffe einem Angreifer ermöglichen, kryptografische Schlüssel von entfernten Servern zu extrahieren, die zuvor als sicher galten.

Hertzbleed macht sich laut dem Experiment zunutze, dass die dynamische Frequenzskalierung moderner -Prozessoren unter bestimmten Umständen von den zu verarbeitenden Daten abhängt.

hertzbleed.com/

#x86 #Seitenkanalangriffen #hertzbleed

Last updated 2 years ago

: à nouveau, la tourmente insécuritaire pour les micro-solutions et via une cyber-attaque par canal auxiliaire ! (sous haute-tension dynamique…)

blog.sosordi.net/2022/06/hertz

#hertzbleed #intel #amd #securite #cpu

Last updated 2 years ago

Verfassungklage · @Verfassungklage
1606 followers · 51599 posts · Server mastodon.social
Robert Lemke :veri_coff: · @robert
153 followers · 253 posts · Server flownative.social

Varying execution time can leak secrets from cryptographic algorithms. "Constant Time Code" is one known mitigation. However, modern processors adjust CPU frequency depending on what they process, which can be measured even remotely. hertzbleed.com/

#hertzbleed

Last updated 2 years ago

Marc Véron · @mveron
94 followers · 683 posts · Server tooting.ch

New
is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract from remote servers that were previously believed to be secure.

hertzbleed.com/

#sidechannelattack #privacy #encryptio #leakage #amd #intel #cpu #ProcessorVulnerability #keys #cryptographic #hertzbleed #vulnarability #processor

Last updated 2 years ago

DACBARBOS Brand · @dacbarbos
79 followers · 1650 posts · Server mastodon.social

Intel and AMD CPU Vulnerability Uses Boost Speed to Steal Crypto Keys t.co/uKI6kZDECk

#hertzbleed

Last updated 2 years ago

crackerjack · @jack
50 followers · 162 posts · Server nerfherders.io
snipe ⭑⭒⭒⭒⭒ :antiverified: · @snipe
675 followers · 1082 posts · Server hackers.town

twitter.com/ricpacca/status/15

RT @ricpacca@twitter.com

We found a way to mount *remote timing* attacks on *constant-time* cryptographic code running on modern x86 processors. How is that possible? With ! Here is how it works (with @YingchenWang96@twitter.com).

hertzbleed.com/

🐦🔗: twitter.com/ricpacca/status/15

#hertzbleed

Last updated 2 years ago

Ares · @ares
29 followers · 530 posts · Server social.snopyta.org

Neue Attacke gegen CPUs:

hertzbleed.com/

#hertzbleed

Last updated 2 years ago

Jan Tobias Muehlberg · @jtmuehlberg
120 followers · 556 posts · Server mastodon.online

"Under certain circumstances, the dynamic frequency scaling of modern x86 processors depends on the data being processed." :-s

RT @ricpacca@twitter.com

We found a way to mount *remote timing* attacks on *constant-time* cryptographic code running on modern x86 processors. How is that possible? With ! Here is how it works (with @YingchenWang96@twitter.com).

hertzbleed.com/

🐦🔗: twitter.com/ricpacca/status/15

#hertzbleed

Last updated 2 years ago

Tech News Worldwide · @TechNews
11315 followers · 97998 posts · Server aspiechattr.me

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

arstechnica.com/?p=1860639

&IT

#sidechannelattack #hertzbleed #biz #intel #amd #cpu

Last updated 2 years ago