[Cryptography] Crypto for optimistic transactions ?
Howard Chu
hyc at symas.com
Sun Jan 7 04:21:36 EST 2018
Bill Frantz wrote:
> On 1/6/18 at 10:55 PM, hyc at symas.com (Howard Chu) wrote:
>
>> The Spectre attack is harder to defend against, but it can only reveal memory
>> within a single process's address space, so for the most part I find it a
>> non-event. It only becomes a problem if you allow hostile code to be
>> injected into your running processes. Web browsers are the most obviously
>> vulnerable, particularly when they allow user-loaded extensions and
>> executing javascript etc. from random web sites. In that respect the attack
>> surface is nothing new, and we already know about isolating browser
>> tabs/pages into their own processes to mitigate such types of attacks.
>
> The Spectre attack can use "Return Oriented Programming", which is used to
> empower buffer overrun attacks on systems which don't allow execution from
> read/write pages. See the Spectre paper below. Note that instead of overlaying
> the stack, the Spectre attack sets the addresses in the branch prediction
> table in the processor. No write access to victim memory needed.
That's a nonsensical statement. Somebody had to initiate the attack in the
victim memory in the first place. Turning off javascript in the web browser
would go a long way toward eliminating this threat.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the cryptography
mailing list