TLBleed in the news

We have shared TLBleed with several operating system projects, in order for them to be able to implement mitigations if desired. As a result of seeing TLBleed, OpenBSD decided to disable Hyperthreading by default. This has prompted some speculation that TLBleed is a spectre-like attack, but that is not the case. OpenBSD also realizes the exact impact of TLBleed. There has been significant news coverage: TheRegister (and this one), ArsTechnica, bleepingcomputer, ZDnet, Techrepublic, TechTarget, ITwire, tweakers, and a personal favorite, the SecurityNow Podcast episode 669 (mp3, show notes, youtube).

The full paper will be online soon.

GLitch hits the news

GLitch, our JS-based Rowhammer exploit that takes advantage of GPU acceleration to trigger bit flips and get control over the Firefox browser on Android made it to the news. After respecting the 90 days disclosure policy we finally went live on May 3 releasing all the details of our attack.

The research got quite some interest from the security community on Twitter and it got covered in two detailed articles on Wired and ArsTechnica. After this, it got picked up by other news outlets such as DecipherTweakers, The Hacker News and others.

While the great interest for the research people did not really like the demo video. The reason is attributed to the background music.
Oh well… ¯\_(ツ)_/¯

European Cyber Security Perspectives 2018

Network infrastructure attacks are a growing threat, and are addressed by a budding VUSec research project.

KPN recently published the fifth European Cyber Security Perspectives – edition 2018. It features an article detailing an early version of an active research project of VUsec, called Packet Origin Fidelity (POF), a detection method of network infrastructure attacks.

Full announcement and brochure here.

VUSec: Election software very vulnerable

We analyzed the election software that is used, and has been used for years, in all Dutch elections. Our conclusion: this software is very vulnerable.

On the 13th of March, Herbert Bos appeared on RTL Nieuws to summarize these findings. He is on briefly after 7 seconds, and then again at 3m17s (also with Sebastian, Marco and Sanjay, who did the heavy lifting for the analysis, together with Andrei).

Surprisingly, Minister Ollongren does not think there is a problem, even though we show vulnerabilities as bad as integer overflows that allow attackers to manipulate overall results even from compromised local polling stations.

The news broadcast, our analysis, and the independent analysis by Sijmen Ruwhof, did lead to questions from the parliament, and some members of parliament explicitly echoed Herbert’s analysis.  The issue was also reported in most newspapers and on Tweakers.