
276 points chei0aiV | 6 comments
jbob2000 ◴[] No.10458486[source]
So I read the blog post and skimmed the PDF and I'm left with some questions. If these security issues have been present for 10 years, but there hasn't been any widespread malicious action on them, are they really issues?

To create an analogy, my car doesn't have bulletproof glass; someone could easily shoot it up and I'd be dead. But nobody really goes around shooting up cars, so is it an issue?

replies(6): >>10458619 #>>10458631 #>>10458642 #>>10458718 #>>10458809 #>>10460889 #
1. tptacek ◴[] No.10458642[source]
Of course they are. We ran the Internet on C code that was positively riddled with trivially exploitable stack overflows for 7 years after the Morris Worm demonstrated RCE through overflows --- 6 years after the "microscope and tweezers" paper explained how the attack worked.

Exact same story with error oracle attacks in cryptography.

Attackers go after the low hanging fruit first, and then they move up the tree.

replies(1): >>10458852 #
2. jbob2000 ◴[] No.10458852[source]
Well that was kind of my point, that hardware is so far up the security tree, it's almost moot (that's kind of my question I guess. Is it far enough up that tree to be moot?). To compare with my analogy, a hitman doesn't need to shoot me up while I'm driving my car, he can wait until I've exited the vehicle and negated any protection I might have had. Similarly, a hacker can avoid the hardware entirely and wait by a printer to read those secure financial documents. Or they can watch over your shoulder while you type your password. Etc. Etc.
replies(3): >>10458940 #>>10458959 #>>10461111 #
3. tehmaco ◴[] No.10458940[source]
It's the 'Holy Grail' of exploitation though - if you can back-door the hardware as she's suggested in the paper, nothing in the software stack can detect it, which means you cannot know if your machine is secure or not.

The fact it's very hard to achieve means it's not something that's likely, but if a government decides that it wants to commandeer your computing hardware, there's nothing you could do to stop them, plus you'd never know that it occurred.

replies(1): >>10461592 #
4. tptacek ◴[] No.10458959[source]
Computer platform security is not like physical security. Once you write the software to accomplish a platform attack, it's usually about as simple to execute it as it would be to execute a simpler attack. The complexity is in the software, not the attack execution.
5. nickpsecurity ◴[] No.10461111[source]
Hardware weaknesses are being exploited right now by High Strength Attackers in intelligence services and stealthy contractors. The TAO supports this. Additionally, there was even malware in the past that used CPU errata for obfuscation. So, we can't ignore this.

On top of it, there are dozens of designs in academia and even less risky options in industry that counter most of this stuff with various tradeoffs. So, anyone that wants to build something better has quite the options. The problems are literally there for backwards compatibility and avoiding costs. Far as I can tell.

6. ◴[] No.10461592{3}[source]