
This has some similarity to the rowhammer vulnerability. There, if you access some DRAM chips repeatedly in a specific way, some digital elements no longer behave in the idealized way that's expected, and there's cross-coupling between things that aren't supposed to be connected. This allows changing RAM to which you don't have access. That was accidental, rather than being designed in.

This new attack is deliberate, rather than accidental, and very explicit, being wired to the protected-mode bit. It points the way to even more subtle attacks, perhaps something that misbehaves slightly as power management is bringing some part of the CPU up or down. Maybe slightly more capacitance somewhere, so that right after a core comes out of power save, for the first few cycles some part of the protection hardware doesn't work right.




"Maybe slightly more capacitance somewhere, so that right after a core comes out of power save, for the first few cycles some part of the protection hardware doesn't work right."

That already happens in embedded systems (esp. MCUs) in a different way. You're thinking on the right track. All I can say.


You made some extremely good insights... ;)



