
169 points hunvreus | 2 comments
londons_explore No.43653973
Unmentioned: there are serious security issues with memory cloning code not designed for it.

For example, an SSL library might have pre-calculated the random nonce for the next incoming SSL connection.

If you clone the VM containing a process using that library, now both child VMs will use the same nonce. Some crypto is 100% broken open if a nonce is reused.

1. hypeatei No.43654396
> might have pre-calculated the random nonce

Isn't this still a concern even if you're not pre-calculating way ahead of time? If you generate it when needed, it could still catch you at the wrong time (e.g. right before encryption, but right after nonce generation)

2. zamadatix No.43654654
Unless your encryption and transport protocols are 100% stateless, only 1 connection will actually be able to form, even if you duplicate the machine during connection creation.

The problem with pre-computing a bunch and keeping them in memory is brand new connections made post cloning would use the same list of nonces.
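
The clone scenario discussed in this thread, as an added example that is not part of any comment: a constructed Python model in which a VM's memory is a dict holding a pre-computed nonce pool and cloning is a deep copy. The `generation_id` field stands in for a hypervisor-supplied identifier that changes on clone; it and every other name here are assumptions.

```python
import copy
import os

POOL_SIZE = 4      # constructed value
NONCE_BYTES = 12   # constructed value

def fresh_pool():
    return [os.urandom(NONCE_BYTES) for _ in range(POOL_SIZE)]

def new_vm():
    """Constructed model of a VM's memory: a nonce pool plus generation IDs."""
    gen = os.urandom(16)
    return {"generation_id": gen, "seen_generation": gen, "pool": fresh_pool()}

def clone_vm(vm):
    """Snapshot clone: identical memory, but the hypervisor changes generation_id."""
    child = copy.deepcopy(vm)
    child["generation_id"] = os.urandom(16)  # assumed hypervisor behaviour
    return child

def naive_next_nonce(vm):
    """Pops from the pre-computed pool with no awareness of cloning."""
    if not vm["pool"]:
        vm["pool"] = fresh_pool()
    return vm["pool"].pop(0)

def clone_aware_next_nonce(vm):
    """Discards the inherited pool when the generation ID has changed."""
    if vm["generation_id"] != vm["seen_generation"]:
        vm["pool"] = fresh_pool()
        vm["seen_generation"] = vm["generation_id"]
    # A snapshot taken after this check but before the nonce is used would
    # still duplicate it; the check shrinks that window, it does not close it.
    return naive_next_nonce(vm)

def demo():
    """Returns (naive_reused, aware_reused) for two clones of one parent."""
    parent = new_vm()
    a, b = clone_vm(parent), clone_vm(parent)
    naive_reused = naive_next_nonce(a) == naive_next_nonce(b)
    parent = new_vm()
    c, d = clone_vm(parent), clone_vm(parent)
    aware_reused = clone_aware_next_nonce(c) == clone_aware_next_nonce(d)
    return naive_reused, aware_reused

if __name__ == "__main__":
    print(demo())
```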