Hardware security bug: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 21:08, 16 March 2019 edit Fadesga (talk \| contribs) Autopatrolled, Extended confirmed users 289,093 edits →References ← Previous edit		Latest revision as of 20:51, 30 September 2022 edit undo Citation bot (talk \| contribs) Bots 5,868,301 edits Add: date. \| Use this bot. Report bugs. \| Suggested by Whoop whoop pull up \| Category:Side-channel attacks \| #UCB_Category 1/24
(32 intermediate revisions by 10 users not shown)
Line 1: {{short description\|Hardware bug}} In digital computing, '''hardware security bugs''' are a[[hardware ~~class~~bug]]s ofor flaws that create [[Vulnerability (computing)\|vulnerabilities]] affecting computer [[central processing unit]]s (CPUs), or other devices which incorporate programmable processors or logic and have [[direct memory access]], which allow data to be read by a rogue process when such reading is not authorized. Such vulnerabilities are considered "catastrophic" by security analysts.<ref> {{cite web \| url=https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html \| author = Bruce Schneier Line 20 ⟶ 21: \| publisher=Rudebaguette.com \| date = January 8, 2018 \| quote = ''[sic]:'' The effects of these vulnerabilities are catastrophic: « at best, the vulnerability can be used by malwares and hackers to exploit other security linked bugs. At worse, the flaw can be used by ~~softwares~~software and authentified users to read the kernel’s memory \| accessdate = February 4, 2019 }} </ref> ~~}} </ref> These vulnerabilities are based on exploiting side effects of [[speculative execution]], a technique used by many high performance CPUs to improve processing speed.~~ ==Speculative execution vulnerabilities== == See also ==▼ Starting in 2017, a series of security vulnerabilities were found in the implementations of speculative execution on common processor architectures which effectively enabled an elevation of [[privilege (computing)\|privileges]]. * [[Spectre (security vulnerability)\|Spectre]]▼ These include: * [[Foreshadow (security vulnerability)\|Foreshadow]] * [[Meltdown (security vulnerability)\|Meltdown]] * [[Microarchitectural Data Sampling]] ▲* [[Spectre (security vulnerability)\|Spectre]] * [[SPOILER (security vulnerability)\|SPOILER]] * [[Pacman (security vulnerability)\|Pacman]] ==Intel VISA== In 2019 researchers discovered that a manufacturer debugging mode, known as VISA, had an undocumented feature on [[Intel Corporation\|Intel]] Platform Controller Hubs, which are the chipsets included on most Intel-based motherboards and which have direct memory access, which made the mode accessible with a normal motherboard possibly leading to a security vulnerability.<ref name=toms>{{cite web\|url=https://www.tomshardware.com/news/intel-visa-undocumented-feature-chipsets-cpus,38954.html\|title=Intel Chipsets' Undocumented Feature Can Help Hackers Steal Data\|work=Tom's Hardware\|author=Lucian Armasu\|date=29 March 2019 }}</ref> ▲== See also == * [[Hardware security]] * [[Security bug]] * [[Computer security]] * [[Threat (computer)]] == References == Line 37 ⟶ 54: [[category:Hardware bugs]] [[category:Side-channel attacks]] [[~~category~~Category:2018 in ~~computer science~~computing]]