Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @jovanbulck
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @jovanbulck
-
Impressions from a successful and fun edition of the new hardware-aided trusted computing devroom at
#FOSDEM2020 https://fosdem.org/2020/schedule/track/hardware_aided_trusted_computing/ …pic.twitter.com/cFN4VV8WhP
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
About to give a talk at
#FOSDEM2020 on using@IntelSecurity#SGX and@rustlang. Come see me in room K.4.601 or hit me up afterwardsHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
M. Busi et al., “Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors” […studies problem of extending a processor with new features without weakening the security of the isolation mechanisms that the processor offers…] https://arxiv.org/abs/2001.10881
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Jo Van Buck
@KU_Leuven and Daniel Gruss@lavados from@tugraz are comparing a walled Italian village to leaky processors. Lessons from#spectre,#Meltdown,#Foreshadow at#rhresearch Day Europe.pic.twitter.com/QvPYWCIStR
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
SGX-Step has been a handy tool in many of the works We've done and I'm planning to use it for upcoming future attacks on SGX. Great work!
@jovanbulck, This list will grow.https://twitter.com/jovanbulck/status/1215656958591631361 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I also added an overview table with all projects that I know of using SGX-Step. I'm planning to keep this list up-to-date. Feel free to reach out if you know of other projects that are not listed below!pic.twitter.com/xAMWcGYjQT
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
SGX-Step v1.4.0 released with support for x86 ring-0 interrupt handlers and call gates! Allows to build a mini-OS for side-channel research, including easily executing selected functions from a user-space program in privileged ring-0 :-) https://github.com/jovanbulck/sgx-step …pic.twitter.com/hwl1v6ryk4
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Besides, finding proper gadgets and exploiting specV1 is as hard as finding a mitigation for it. They are both valid scientific problem.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
The schedule is out: https://fosdem.org/2020/schedule/track/hardware_aided_trusted_computing/ … Thanks for your submissions and see you at FOSDEM.https://twitter.com/_Sartakov/status/1183676036023750656 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
KU Leuven ontdekt veiligheidslek in Intel Core processors https://datanews.knack.be/ict/nieuws/ku-leuven-ontdekt-veiligheidslek-in-intel-core-processors/article-news-1542295.html?utm_term=Autofeed&utm_medium=social_datanl&utm_source=Twitter#Echobox=1576058884 …pic.twitter.com/VwsTFrizRN
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Malware can fiddle with the power supply to an Intel chip to steal secrets from its SGX secure enclave: https://www.wired.com/story/plundervolt-intel-chips-sgx-hack/ … Reminds me of the burglars who cut the electricity to a museum in Dresden last month to get past its security alarms: https://www.theguardian.com/world/2019/nov/25/thieves-steal-priceless-treasures-dresden-green-vault-museum …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
We present
#plundervolt TL;DR First ever fault injection attack on Intel SGX enclaves. Abuses an undocumented software-based interface to undervolt the CPU. Extract full crypto keys and trigger memory safety violations in bug-free code. Read the paper at http://plundervolt.com pic.twitter.com/ozuCF4Vzhh
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Embargo ends -
#PlunderVolt is public: https://plundervolt.com/ It allows to induce faults into computations in SGX, breaking crypto and corrupting memory. https://www.youtube.com/watch?v=In3B9L5Jyo4 … Great collaboration with Kit Murdock,@sublevado,@halfdoof,@jovanbulck, Frank Piessens!!Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
If there's somethin' stored in a secure enclave, who ya gonna call? Membuster!http://reg.cx/2Xmm
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Slides for our
#ccs19 talk on assessing the vulnerability of#IntelSGX enclaves and fortresses now available at https://people.cs.kuleuven.be/~jo.vanbulck/ccs19-slides.pdf … cc@sublevadopic.twitter.com/cTq15Th2T0
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
@jovanbulck et al.'s paper on#IntelSGX software frameworks has some good things to say about the@fortanix@rustlang EDP. Read the paper at https://people.cs.kuleuven.be/~jo.vanbulck/ccs19-tale.pdf … then start developing at https://edp.fortanix.com https://twitter.com/ZDNet/status/1194313947274338304 …pic.twitter.com/IuygOAJkFL
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Playing capt’n obvious here but this research in SGX SDK/runtime vulnerabilities reiterates that SGX based protection of workloads/applications relies on quality of the code inside enclaves Paper: https://people.cs.kuleuven.be/~jo.vanbulck/ccs19-tale.pdf … [pdf]https://twitter.com/campuscodi/status/1194320202218868737 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
This was a massive research project that took months to complete and teams at 2 universities. Basically, academics manually audited the entry/exit functions of all major enclave SDKs, a colossal effort. The flaws they found could allow attackers to exfiltrate data from enclaves
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Of all issues they found, the five in the SGX-SDK and OpenEnclave were the most dangerous, as these are the most common enclave SDKs used in production environments, such as AWS and Azure.pic.twitter.com/xqHOAIgnpP
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jo Van Bulck proslijedio/la je Tweet
Academics perform a manual code audit of 8 enclave SDKs and find 35 vulnerabilities > 5 vulnerabilities received a CVE > issues privately reported and already fixed > issued found in all 8 tested SDKs https://www.zdnet.com/article/manual-code-review-finds-35-vulnerabilities-in-8-enclave-sdks/ …pic.twitter.com/U2BfSImv7H
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.