Reminiscent of rowhammer, isn’t it?
I’m looking forward to seeing how much of this can be done on x86. The AES key leak example probably won’t port directly across, because of AES-NI which does an entire round of AES in a single instruction. Also, I don’t know how much more or less robust the core is to governor-induced faults, relative to ARM. But I’m sure we’ll see soon!
This is an amazing piece of work. They started with a good concept then hit it from all angles. I posted about risk areas such as this on Schneier’s blog long ago. When debating with Joanna of Qubes, one of the reasons she said she chose Xen over the security-focused microkernels I mentioned was she wanted the power management it already had. When people told me how that worked, I told the readers that the implementation was way too complicated to trust in a secure system. Management features should be on a microcontroller sitting outside the CPU running verifiable algorithms. If on CPU, in an truly-isolated partition at the least. Also, use proper isolation on system in general to limit shared resources due to covert & side channels. Typical of separation kernels.
So, this attack happens since isolation is broken in numerous ways plus stuff is on-CPU. It was preventable but it would cost extra. The market prefers to make extra money per unit then clean up after a disaster. Everything is running right on schedule. Note that the needs of mobile might justify keeping things in the SoC but the isolation failures weren’t necessary. The embedded and mobile segments have had for some time SoC support for coprocessors, accelerators for specific functions, and separation kernels. I thinking they’re avoiding those to squeeze out extra profit.
There’s a quite succinct summary of the paper here as well:
It kinda feels good to submit it first after all the times I’ve seen “Your story was previously submitted at Lobsters by pushcx.” Aside from HN, I’m not sure what sources we’re both reading but there has to be a few in common. I’m usually like, “Damn, there he goes again! The man keeps finding the good shit before the rest of us!” :)
Lol :) Yes, cool. Merged, per your request ;)
Lmao. I just had to say it after all the blue screens Ive seen on submissions. Usually “submitted a year ago,” too, just to rub it in haha.