Twitter | Search | |
Moritz Lipp
PhD Candidate in Information Security @ , Side-Channel Attacks & Exploiting Microarchitecture & Apiculture
180
Tweets
372
Following
3,217
Followers
Tweets
Moritz Lipp Sep 15
Congratulations Jo! Looking forwards to some birdies to celebrate!
Reply Retweet Like
Moritz Lipp Sep 4
Congratulations! :-)
Reply Retweet Like
Moritz Lipp retweeted
Black Hat Aug 31
In this Briefing, & shows that Meltdown is still an issue on modern CPUs and presents ZombieLoad - a Meltdown-type attack which leaks data across multiple privilege boundaries. Register before 9/2 to save on registration
Reply Retweet Like
Moritz Lipp retweeted
Daniel Moghimi Jul 14
While recording talks for 2020, excited to mention our work on automated analysis and synthesis of MDS-style CPU attacks "Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis" CC
Reply Retweet Like
Moritz Lipp Jul 11
Replying to @berksunar @tomcrypt
Congratulations!!
Reply Retweet Like
Moritz Lipp Apr 20
Replying to @kavehrazavi @ETH_en
Congrats!
Reply Retweet Like
Moritz Lipp retweeted
Phoronix Mar 12
The Brutal Performance Impact From Mitigating The Vulnerability A number of workloads can be at ~10% of their pre-mitigated performance, e.g. OpenSSL and others.
Reply Retweet Like
Moritz Lipp retweeted
Pawel Wieczorkiewicz Mar 10
Meet Snoopy: INTEL-SA-00330
Reply Retweet Like
Moritz Lipp retweeted
Danilo "18pF flip-flop" Cominotti Mar 10
To put any doubts about the funding of that paper on AMD CPU vulnerabilities to rest, the new LVI research has been funded by Intel, AMD, and ARM.
Reply Retweet Like
Moritz Lipp retweeted
Jo Van Bulck Mar 10
Replying to @jovanbulck
Crucially, unlike prior attacks, cannot be transparently mitigated on current CPUs and requires expensive compiler mitigations that insert an LFENCE after potentially *every* memory load and blacklist the x86 RET instruction-- we measure overheads of factor 2 up to 19(!)
Reply Retweet Like
Moritz Lipp retweeted
Jerry Bryant Mar 10
Also, take a look at the Refined Speculative Execution Terminology paper:
Reply Retweet Like
Moritz Lipp retweeted
Michael Schwarz Mar 10
With (Load Value Injection), we present a new class of transient-execution attacks that extends the classification tree by an entirely new branch. /cc
Reply Retweet Like
Moritz Lipp retweeted
Jo Van Bulck Mar 10
We present Load Value Injection : a new transient-execution attack class; defeats defenses; turns around to *inject* attacker data into victim loads. cc
Reply Retweet Like
Moritz Lipp Mar 10
We present (Load Value Injection), a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors. /cc
Reply Retweet Like
Moritz Lipp Mar 10
Thank you for spotting this! You are right, this does not make any sense and is a relict that occurred while shortening the paper and we have overlooked it.
Reply Retweet Like
Moritz Lipp retweeted
Catalin Cimpanu Mar 7
AMD processors from 2011 to 2019 vulnerable to two new attacks - Attacks named Collide+Probe and Load+Reload - The attacks target the AMD L1D cache way predictor, a power-saving performance feature - No CVEs and no patches from AMD
Reply Retweet Like
Moritz Lipp Mar 6
With "Take A Way: Exploring the Security Implications of AMD’s Cache Way Predictors", we reverse-engineered AMD's L1D cache way predictor, resulting in two new attack techniques. Accepted @ '20 - - /cc
Reply Retweet Like
Moritz Lipp Feb 25
Congratulations! :)
Reply Retweet Like
Moritz Lipp Feb 18
Replying to @gannimo
fwupdmgr works like a charm for the T480s :)
Reply Retweet Like
Moritz Lipp Jan 31
Congratulations :)
Reply Retweet Like