You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Also PortSmash should be adaptable to AMD systems with HT (i.e. Zen) and also all the POWER stuff. And it gets worse, because under more specific circumstances and with cleverer exploits, the side channels go beyond HT and to shared caches too.
Ultimately, computing needs to come to terms with the fact that any time there is *any* shared resource, that's ripe for side channels. This includes main memory and peripheral devices. It's worse and more insidious the lower level and more tightly coupled you make it, like HT.
Also, note that that's just software-type side channels. Hardware side channels exist that can be used on all systems, like fault injection. You can try to design against them, but there is a fundamental physical aspect to it. Side channels are hard to use, but have large payoff.
Yes, if your adversary has local access, you can make it harder for them, but you're always going to lose if they have unlimited time and/or money. And it's fucking hard to design for that.
It becomes quite scary reading the manual for any microarchitecture with that perspective. Even "simple" CPUs tend to have some shared resources.
The "peripheral devices" part got me thinking... I wonder what could be leaked by interacting with audio devices...
Actually... because latency is such a high priority, audio services in the OS are probably fertile ground. JACK and ASIO callbacks have virtually zero influence from userspace preemption; might be able to derive kernel secrets via timing analysis.
But isn’t a CPU a shared resource by definition? Where do you draw the line then?
Rockwell Collins knows something else but aren't selling to us.
Is that why Star Trek has separate computers for every little thing?
I have no idea what this "walled garden" you speak of is. You can experiment all you want at home. If you're #46 on the Fortune 500 list you do not get to "experiment, make mistakes, and make #insecure things" that you then sell to customers.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
