←back to thread

Intel x86 considered harmful – survey of attacks against x86 over last 10 years

(blog.invisiblethings.org)
276 points chei0aiV | 1 comments | 27 Oct 15 14:51 UTC | HN request time: 0.211s | source
Show context
jbob2000 ◴[27 Oct 15 15:15 UTC] No.10458486[source]
So I read the blog post and skimmed the PDF and I'm left with some questions. IF these security issues have been present for 10 years, but there hasn't been any widespread malicious action on them, are they really issues?

To create an analogy, my car doesn't have bullet proof glass, someone could easily shoot it up and i'd be dead. But nobody really goes around shooting up cars, so is it an issue?

replies(6): >>10458619 #>>10458631 #>>10458642 #>>10458718 #>>10458809 #>>10460889 #
1. detaro ◴[27 Oct 15 15:33 UTC] No.10458631[source]
Depends, are there people that might try to shoot you specifically, or does non-bullet-proof glass have weaknesses against other things that might happen more commonly?

(= just because something isn't in widespread use yet/maybe hard to do doesn't mean it isn't used in targeted attacks. Or might become widespread after new discoveries or in combination with other vectors. And a lot of her work (e.g. Qubes OS) aims at making things secure on a very low level)

Also, some of these features are marketed and sold to us as additional protections, and I think it is important to see if they can actually do what they promise or if they just add complications, especially if they inconvenience users.