AMI Praha Security news 2/1/2018
Security news 2/1/2018

  • Undoubtedly the main event of the past few days was the congress of the German Chaos Computer Club. This event is one of the world’s most important conferences alongside BlackHat and DEFCON, and this year’s talks included some real treats: https://media.ccc.de/c/34c3
  • I won’t give any tips from the 34C3 lectures, let everyone find their own, but I will mention one lecture in particular that might escape your attention because it is so inconspicuous. Behind https://www.youtube.com/watch?v=ewe3-mUku94 is the same team from the Technical University of Graz that is behind a series of modifications to the Linux kernel with a not entirely clear goal. This article http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table notes that similar modifications have already appeared in Windows, and other indications suggest that this may be a coordinated effort to fix some as yet embargoed hardware bug. If current processors do indeed contain an exploitable bug in virtual memory mapping, this will be the biggest security blunder of recent years, for which we will all pay with noticeable performance degradation due to software workarounds. We’ll see, maybe soon.
    • EDIT 4 Jan 2018: this point has been confirmed to the letter. A brand new class of attack on current processors has been made public https://googleprojectzero.blogspot.cz/2018/01/reading-privileged-memory-with-side.html, which can be applied to many different scenarios, from attacking the hypervisor from a guest, to attacking the operating system from an application, to attacking the browser through JavaScript https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/. The fix cannot be done at the hardware level (firmware or microcode); it needs to be done by a workaround in the OS. In Linux the patch has been around for a long time; in Windows it is installed today, even outside the normal schedule. According to the first benchmarks, the patch permanently slows computers down by about 10% at best and 50% at worst; for example, a normal select in a database is on average 20% slower https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de. As icing on the cake, it was reported that Brian Krzanich (Intel CEO) sold all the shares of his company he could before Christmas http://www.businessinsider.com/intel-ceo-krzanich-sold-shares-after-company-was-informed-of-chip-flaw-2018-1. If this isn’t insider trading, I don’t know what is, but if I saw this two-line commit https://lkml.org/lkml/2017/12/27/2, I’d sell too. Unfortunately, it looks like we’re coming to an era where bugs in processors will become as common as they are in software https://danluu.com/cpu-bugs/.
  • In past news, some may have missed the drama of the current state of botnets. To complete the picture, I am therefore posting an article that coincidentally was unlocked by Wired a few days ago: https://www.wired.com/2017/03/russian-hacker-spy-botnet/. TL;DR: botnets are now the basis of the largest and most successful global criminal groups, with all the trappings of normal criminality, and their owners can operate at the level of, and under the influence of, global geopolitical interests. An article about the author of TrueCrypt, which I’m sure at least some of you have used, https://magazine.atavist.com/the-mastermind, has previously described the connection of digital security to the old familiar attributes of classic crime (murder, drugs, kidnapping, extortion) in monstrous proportions. When you consider that both articles describe a situation several years old that pales in comparison with the current Mirai botnets, etc., you only begin to understand the scope of the problem.

Author: František Řezáč