Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Intel Security

Intel CPUs Vulnerable To New LVI Attacks (zdnet.com) 24

A team of academics from universities across the world, along with vulnerability researchers from Bitdefender, today disclosed a new security flaw in Intel processors. From a report: Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs. While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations.
This discussion has been archived. No new comments can be posted.

Intel CPUs Vulnerable To New LVI Attacks

Comments Filter:
  • by sinij ( 911942 ) on Tuesday March 10, 2020 @12:36PM (#59815442)

    How much of last decade's progress can be attributed to shortcuts in security?

  • Put machine in middle of room.
    Surround by Armed Guards
    Shoot unauthorized attackers in head until dead

    Problem solved.

    • You failed to account for the floor.

      • by MiniMike ( 234881 ) on Tuesday March 10, 2020 @02:21PM (#59815854)

        He did say to put the machine in the middle of the room, not the floor. Unless the machine and room are the same height this will leave the machine not touching the floor. The exact method for keeping the machine there is left as an exercise for the user. I'm more concerned about the "Shoot unauthorized attackers in head until dead" line, as it implies there might be authorized attackers. It also assumes any unauthorized attackers have discernible heads, and offers no alternative directions if they don't.

        • Unless the machine and room are the same height this will leave the machine not touching the floor. The exact method for keeping the machine there is left as an exercise for the user.

          I suggest using "vertical-align: middle", maybe?

        • He did say to put the machine in the middle of the room, not the floor. Unless the machine and room are the same height this will leave the machine not touching the floor. The exact method for keeping the machine there is left as an exercise for the user. I'm more concerned about the "Shoot unauthorized attackers in head until dead" line, as it implies there might be authorized attackers. It also assumes any unauthorized attackers have discernible heads, and offers no alternative directions if they don't.

          To be fair, the lack of a head would introduce a huge barrier to any attack, authorized or not. Last I looked, any biological being with the right implements to launch an attack (i.e. fingers, voice, etc.) requires a head for direction.

          Of course, a robot or drone doesn't have to have a head so maybe this is what leads to the eventual rise of Skynet...

          • The key was "discernible" head. This would include tiny heads, disguised heads, guards bad at seeing heads, etc. Just trying to cover all the edge cases. They should have left the target as center of mass. Unauthorized attackers without mass will not be affected by bullets.

            • You could still have an authorized attacker without any discernible head and a bulletproof center of mass...

              • Authorized attackers are not to be shot, regardless of the status of their head. Guards would ideally be additionally equipped with a non-ballistic weapon to defend against more types of unauthorized attacker. But I didn't make the original rules.

    • VM host shearing is what can make use of this not not local inputs.

"The one charm of marriage is that it makes a life of deception a neccessity." - Oscar Wilde

Working...