*waits for breathless press coverage of NetSpectre*
A remote bypass of ASLR is quite useful, IMO. It's important to think of vulnerabilities not always as what they can do in a vacuum, but how they may be useful to an attacker in combination with something else.
-
Of course, but I'd question the real-world application here. We'll see if it ever plays out in the real world. There was a side channel ASLR bypass attack from 2016 which took ~60 milliseconds to execute ( http://www.cs.ucr.edu/~nael/pubs/micro16.pdf … ).
-
But keep in mind that's an attack that requires local code execution. The whole point of this NetSpectre thing is basically to remove that local-code requirement for the attacker. But yes, the real-world applicability is what really matters here, and I guess we'll see...