Archiv: ZombieLoad


14.05.2019 - 21:36 [ Radio Utopie ]

Während die IT-„Experten“ seit 20 Jahren Luftmaus spielen, gebt Ihr Euch jetzt mal sichere Passwörter

(6.5.2018)

Erklärung: wenn Ihr Passwörter direkt in einen Browser, Euer Mailprogramm, Anwenderprogramm, etc, eingebt, der eine sichere Verbindung hat (https), umgeht Ihr unserer Analyse zufolge die auslesbare Memory Eures Computer-Prozessors. Habt Ihr aber Euer Passwort irgendwo gespeichert, ist dieses mitlesbar sobald ihr es über die „Copy“-Funktion in den Speicher / die Memory ladet.

14.05.2019 - 21:30 [ ZombieloadAttack.com ]

ZombieLoad Attack: Watch out! Your processor resurrects your private browsing-history and other sensitive data.

After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors. The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.

While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.

The attack does not only work on personal computers but can also be exploited in the cloud.

14.05.2019 - 21:29 [ Techcrunch.com ]

New secret-spilling flaw affects almost every Intel chip since 2011

Almost every computer with an Intel chips dating back to 2011 are affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable like earlier side-channel attacks.