
Intel Visa: Through the Rabbit Hole [pdf] - octosphere
https://i.blackhat.com/asia-19/Thu-March-28/bh-asia-Goryachy-Ermolov-Intel-Visa-Through-the-Rabbit-Hole.pdf
======
0x0
The fuse thing about "deterministic random number generation" is spooky...
does it mean it's possible to compromise RDRAND?

At least it looks like linux has a "random.trust_cpu=0" option...
[https://security.stackexchange.com/questions/42164/rdrand-
fr...](https://security.stackexchange.com/questions/42164/rdrand-from-dev-
random)

~~~
lima
Linux XORs its PRNG with the hardware RNG, so it being deterministic wouldn't
break it.

------
rburhum
Out of curiosity, is the encryption salt really that quote from William
Wordsworth's poem ("I wondered lonely as a cloud...") or was that a joke?
Can't extract sarcasm from presentation slides :(

------
snazz
Despite the fact that it isn’t much of a _vulnerability_ , per se, I’d be very
interested to see if more processor vulnerabilities come out as a result of
these better debugging tools.

~~~
agnokapathetic
“Imagine if instead of treating a conference as a passive chance to see a
broad range of hacking demos, we all treated it as a chance to study up on the
latest techniques. Something between workshop and lecture series...” - Dave
Aitel

[https://twitter.com/daveaitel/status/1111979964780503045](https://twitter.com/daveaitel/status/1111979964780503045)

