They mention "sub-$1000 hardware" as required, but for 1GHz and 40MHz, a HackRF One knock-off of $150-$200 should do just fine. Heck, you might be able to run with some DVB-T sticks at $20 depending on the chip in your particular model and production batch (the one for $15 I had went from 20-800MHz, just short of a gigahertz).
Gone are the days of putting a sense resistor between the safe and battery, just pick it out of the air now.
I imagine we are going to see more and more of these types of attacks.
So Meltdown definitely qualifies as side-channel.
I take this as an indication that the underlying cryptographic primitives have become really good, so it’s no longer (usually) practical to attack that layer.
 - http://home.deib.polimi.it/barenghi/files/ITNG2010.pdf
Edit: it also used to be really common for people to use crappy, often homegrown primitives. How many systems were broken because the “encryption” was a simple xor with a fixed key or something? Now it’s very likely that the information you want to access is protected with something like TLS.
Google isn't going to use its control of your phone to directly transfer money out of your bank account - that would be illegal, so Google is not a threat to the bank.
You are under attack from Google, and taking back ownership of your phone is a necessary step to defending against this. It's just not the bank's concern.
Apparently, they've decided that Firefox isn't Firefox when it's not running on Windows.
The funny part is, when you first open the app after install, to stop root/ROM users using some features, they just write a boolean to Android's shared preferences `USER_HAS_ROOT` or something. So _if_ you do have root you can just use a file explorer, or adb or something else, to go to the shared prefs file, change the value to false, and when you relaunch the app, as long as Magisk is installed, it works fine.
But no, my app doesn't like Los, and I think I even had to uninstall the inbuilt su of the ROM.
Works for me. Although some versions are less buggy than others on different ROMs.
- The device would have to be profiled ahead of time.
- There's nothing else running on the device but the key decryption at some point.
- The device is quite close to the detection apparatus (within 20 cm in the paper).
For the mitigation to be implemented on your Android phone: Six to nine years.
If memory serves, I sent Bruce Schneier an email about it and he replied with:
"Very interesting. Thanks."
Now that I'm older I realize the hard part would be keeping it secret that you're doing this, not actually pulling it off.
What's the point of buying into this model where a possessor (i.e. owner) of a device is considered an attacker? It hasn't even shown itself to be workable on general-purpose computers, meanwhile users' practical experience seems to be centered around companies that are attempting to hinder people attempting to retain ownership of their phone.
Especially as the main push is aimed at smaller devices - exactly the ones easier to take with you! At a certain point, the threat from the past (undetectable tampered software) outweighs the threat from the present (due to being able to easily read out the entire device state). It's a bit tough to take a rackmount server into the shower with you, but there's very little reason for a USB-port-sized device to stymie the user for the goal of protecting against physical access.
Not really. Apple's Secure Enclave is resistant against many side channel attacks, including differential power attacks.
I'm just saying for most all of computing history (besides a few perverted niches), we've thought of the data on the device as accessible by the person who has the device. So this attack just puts us back at the traditional expectation - a place that a large amount of people would actually just prefer to stay.