The Executive Summary is there is an exploit they have found that reaches deep into the processor that runs at ring -2, so the OS can’t see it, the virtualization layer can’t see it, nothing can see it. They have created a rootkit that, if you set a value in your program, will elevate it to root.
If I understand everything, Intel has fixed it in later versions of processor, but I think it’s pretty clear that you are right and this 40 years of backwards compatibility has created insecure hardware.
Apparently this can be mitigated in software if running a VMM can be considered a fix.
I seem to have my choice between “This file is too big to show. Sorry!” On mobile and a desktop site that shows an empty box with a spinner in it. :(
I can’t get it to load from GitHub either. But the slides posted on Black Hat’s site work for me. They also posted a two-page summary.
The Executive Summary is there is an exploit they have found that reaches deep into the processor that runs at ring -2, so the OS can’t see it, the virtualization layer can’t see it, nothing can see it. They have created a rootkit that, if you set a value in your program, will elevate it to root.
They found an exploit being used against them? Or they found a vulnerability and wrote an exploit for it?
Either way, this is a wake-up call: our CPUs are far too complicated to be secure.
They wrote an exploit, as I understand it.
If I understand everything, Intel has fixed it in later versions of processor, but I think it’s pretty clear that you are right and this 40 years of backwards compatibility has created insecure hardware.