1. 22

  2. 3

    Apparently this can be mitigated in software if running a VMM can be considered a fix.

    1. 2

      I seem to have my choice between “This file is too big to show. Sorry!” on mobile and a desktop site that shows an empty box with a spinner in it. :(

      1. 7

        I can’t get it to load from GitHub either. But the slides posted on Black Hat’s site work for me. They also posted a two-page summary.

        1. 2

          The Executive Summary is that there is an exploit they have found that reaches deep into the processor that runs at ring -2, so the OS can’t see it, the virtualization layer can’t see it, nothing can see it. They have created a rootkit that, if you set a value in your program, will elevate it to root.

          1. 2

            They found an exploit being used against them? Or they found a vulnerability and wrote an exploit for it?

            Either way, this is a wake-up call: our CPUs are far too complicated to be secure.

            1. 1

              They wrote an exploit, as I understand it.

              If I understand everything, Intel has fixed it in later versions of the processor, but I think it’s pretty clear that you are right and this 40 years of backwards compatibility has created insecure hardware.