How The RIDL CPU Vulnerability Was Found
121.3 هزار بار بازدید -
2 سال پیش
-
In this video we explore
In this video we explore the basic ideas behind CPU vulnerabilities and have a closer look at RIDL.
This video is sponsored by Intel and their Project Circuit Breaker: https://www.projectcircuitbreaker.com/
How to Benchmark Code Execution Times: https://www.intel.com/content/dam/www...
Anders Fogh: https://cyber.wtf/2017/07/28/negative...
Speculose: https://arxiv.org/abs/1801.04084
RIDL Paper: https://mdsattacks.com/files/ridl.pdf
Foreshadow PoC: https://github.com/gregvish/l1tf-poc/...
Sebastian Österlund: https://osterlund.xyz/
Chapters:
00:00 - Intro & Motivation
00:57 - Concept #1: CPU Caches
01:57 - Measure Cache Access Time with rdtscp
05:00 - Concept #2: Out-of-order Execution
06:11 - CPU Pipelining
07:13 - Out-of-order Execution Example
09:19 - CPU Caching + Out-of-order Execution = Attack Idea!!
10:33 - Negative Result: Reading Kernel Memory From User Mode
13:45 - Pandoras Box
14:23 - Interview with Sebastian Österlund
17:24 - Accidental RIDL Discovery
19:31 - NULL Pointer Bug
21:50 - Investigating Root Cause
23:28 - Conclusion
24:24 - Outro
=[ ❤️ Support ]=
→ per Video: Patreon: liveoverflow
→ per Month: @liveoverflow
=[ 🐕 Social ]=
→ Twitter: Twitter: LiveOverflow
→ Instagram: Instagram: LiveOverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: Reddit: LiveOverflow
→ Facebook: Facebook: LiveOverflow
This video is sponsored by Intel and their Project Circuit Breaker: https://www.projectcircuitbreaker.com/
How to Benchmark Code Execution Times: https://www.intel.com/content/dam/www...
Anders Fogh: https://cyber.wtf/2017/07/28/negative...
Speculose: https://arxiv.org/abs/1801.04084
RIDL Paper: https://mdsattacks.com/files/ridl.pdf
Foreshadow PoC: https://github.com/gregvish/l1tf-poc/...
Sebastian Österlund: https://osterlund.xyz/
Chapters:
00:00 - Intro & Motivation
00:57 - Concept #1: CPU Caches
01:57 - Measure Cache Access Time with rdtscp
05:00 - Concept #2: Out-of-order Execution
06:11 - CPU Pipelining
07:13 - Out-of-order Execution Example
09:19 - CPU Caching + Out-of-order Execution = Attack Idea!!
10:33 - Negative Result: Reading Kernel Memory From User Mode
13:45 - Pandoras Box
14:23 - Interview with Sebastian Österlund
17:24 - Accidental RIDL Discovery
19:31 - NULL Pointer Bug
21:50 - Investigating Root Cause
23:28 - Conclusion
24:24 - Outro
→ per Video: Patreon: liveoverflow
→ per Month: @liveoverflow
→ Twitter: Twitter: LiveOverflow
→ Instagram: Instagram: LiveOverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: Reddit: LiveOverflow
→ Facebook: Facebook: LiveOverflow
2 سال پیش
در تاریخ 1401/05/20 منتشر شده
است.
121,350
بـار بازدید شده