Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Peter Janos
Hello,

http://news.softpedia.com/news/researchers-bypass-aslr-protection-on-intel-haswell-cpu-509460.shtml

paper: http://www.cs.ucr.edu/~nael/pubs/micro16.pdf

could we somehow prevent this attack on OpenBSD?

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Ted Unangst
Peter Janos wrote:
> Hello,
>
> http://news.softpedia.com/news/researchers-bypass-aslr-protection-on-intel-haswell-cpu-509460.shtml
>
> paper: http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
>
> could we somehow prevent this attack on OpenBSD?

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Peter N. M. Hansteen
On Thu, Oct 20, 2016 at 10:40:28AM +0200, Peter Janos wrote:
> Hello,
>
> http://news.softpedia.com/news/researchers-bypass-aslr-protection-on-intel-haswell-cpu-509460.shtml
>
> paper: http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
>
> coul

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Lampshade
> if you read the paper, you will notice that they only tested on Ubuntu and OSX, neither of which actually ship with ASLR enabled by default if I remember correctly.

https://wiki.ubuntu.com/Security/Features

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Karel Gardas
On Thu, Oct 20, 2016 at 11:02 AM, Ted Unangst wrote:
>
> I recommend not letting attackers run code on your computer.

Good idea, but then poor AWS/Xen/xVM/dockers/what ever container cloud provider users who do not buy whole box for themselves.

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Theo de Raadt
> On Thu, Oct 20, 2016 at 11:02 AM, Ted Unangst wrote:
> >
> > I recommend not letting attackers run code on your computer.
>
> Good idea, but then poor AWS/Xen/xVM/dockers/what ever container cloud provider users who do not buy whole box for themselves.

you're missing the other detail in Ted'

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Shawn Webb
On Thu, Oct 20, 2016 at 11:20:01AM +0200, Peter N. M. Hansteen wrote:
> On Thu, Oct 20, 2016 at 10:40:28AM +0200, Peter Janos wrote:
> > Hello,
> >
> > http://news.softpedia.com/news/researchers-bypass-aslr-protection-on-intel-haswell-cpu-509460.shtml
> >
> > paper: http://www.cs.ucr.ed

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Karel Gardas
On Thu, Oct 20, 2016 at 3:19 PM, Theo de Raadt wrote:
>> On Thu, Oct 20, 2016 at 11:02 AM, Ted Unangst wrote:
>> >
>> > I recommend not letting attackers run code on your computer.
>>
>> Good idea, but then poor AWS/Xen/xVM/dockers/what ever container cloud provider users who do not buy whole

Re: Flaw resides in BTB helps bypass ASLR

2016-10-20 Thread Peter N. M. Hansteen
On 10/20/16 11:46, Lampshade wrote:
>> if you read the paper, you will notice that they only tested on Ubuntu and OSX, neither of which actually ship with ASLR enabled by default if I remember correctly.
>
> https://wiki.ubuntu.com/Security/Features

which claims that ASLR is indeed ena