Daniel Moghimi
Ph.D Candidate, Hacker, Reverse Engineer, Vuln Hunter
684 Tweets
435 Following
554 Followers
Tweets
Daniel Moghimi Feb 1
Replying to @defparam @Hacker0x01
Are you planning to buy a house?!
Daniel Moghimi retweeted
Shelby Thomas Feb 1
Often find myself going back to this outline when I have a mental block writing a paper abstract. Hopefully it's useful for others too. (feat. Me and John Wilkes from Google)
Daniel Moghimi Jan 28
Replying to @LinuxNerdPower
Sure. My DM is open.
Daniel Moghimi retweeted
Daniel Gruss Jan 27
We sent this PoC to Intel on May 16, just hours after we got access to the patches. The paper from last year already describes the issue. Media already reported about it in November: Where's the news?
Daniel Moghimi retweeted
halvarflake Jan 18
It is fascinating to think about the fact that CPUs have for decades been designed partially by measuring existing code, and optimizing for it. And code by measuring CPUs. That implies that tiny compiler choices in the 80s have echoes in today's CPU hardware.
Daniel Moghimi Jan 15
As somebody who works in tech and reads lots of technical materials (papers, news, blogs, articles) every day, how many non-tech books (novels, fiction, history, art, etc.) do you read per year?
Daniel Moghimi Jan 14
Replying to @AdamBatesOrg
IMO, in general, anything that makes IoT different from a normal general purpose computer can define IoT security problems. Counter example: "Popping shell through a stack overflow vuln" is a generic security problem, and it's not specific to IoT.
Daniel Moghimi Jan 14
Replying to @AdamBatesOrg
Applied cryptography is a different game on a low-powered device. Though that's a problem for any tiny computer and wearable devices.
Daniel Moghimi Jan 14
Replying to @AdamBatesOrg
Moving targets, actuators and sensors introduce new privacy/safety/security issues that may not apply to normal computers. Though most IoT devices on the market are just toys with an embedded CPU.
Daniel Moghimi Jan 11
SGX-Step has been a handy tool in many of the works we've done and I'm planning to use it for upcoming future attacks on SGX. Great work! This list will grow.
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @jvanegue
I'm not making any assumption. I just added these references for the context, just in case anybody is interested in the discussion.
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @lavados and 2 others
Lol, cause I couldn't find you to talk.
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @jvanegue
More on uarch defense for Spectre: "Speculative Taint Tracking (STT): A Comprehensive Protection for Speculatively Accessed Data"; "Context-sensitive fencing: Securing speculative execution via microcode customization"
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @jvanegue
Like it or not, Intel has already pushed similar ideas as context to prototypes: "Speculative Access Protected Memory" by the Intel STORM. And the challenges you are talking about are what make PL people actually in business.
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @lavados and 2 others
You already have to mark which branches to add lfences or you would end up adding lfences everywhere (essentially disabling the benefits of speculation). How is that not a problem, but marking secrets is a problem?
Daniel Moghimi Jan 10
Replying to @chandlerc1024 @jvanegue
Can you please share your findings? Is there any CVE or patch for these vulnerabilities you have found?
Daniel Moghimi Jan 10
Replying to @jvanegue @BRIAN_____ @chandlerc1024
Yes, Spectre v1. My point: 1) The community doesn't know the risk of this yet to care about immediate hardware changes. 2) There are already proposals how to support the OS/compiler for mitigation, so it's not true to say vendors are totally clueless how to mitigate this.
Daniel Moghimi Jan 10
Replying to @jvanegue
Besides, finding proper gadgets and exploiting specV1 is as hard as finding a mitigation for it. They are both valid scientific problems.
Daniel Moghimi Jan 10
Replying to @jvanegue
E.g. ConTExT: Leakage-Free Transient Execution can mitigate this for crypto at least. And there are similar patents and white papers by Nvidia and Intel. There will be another 10 different ways to make annotated secret to not be accessible in the transient domain (by uarch folks).
Daniel Moghimi Jan 10
Replying to @jvanegue
... and for the software to conform to these rules, decades or years more or less depends on how much the industry cares about these problems, and it's not that we don't have the technical capability to stop them.