RIDL Second in CSAW’19 Best applied Research

Two of VUSec’s papers were nominated for the Best Applied Research Award at CSAW’19 in Valence France: ECCploit and RIDL.

When the dust settled, “RIDL: Rogue In-Flight Data Load”, the
paper that was published at Security & Privacy in May and that shows a new class of speculative execution attacks that can leak any “in-flight” data from Intel CPUs won the second place
prize for Best Applied Research at CSAW ’19.

See also: “Much Ado about RIDL“.

Much ado about RIDL

The RIDL saga that started in September 2018 lingers on. A new embargo and a new set of insufficient patches, and it isn’t over yet. Excellent coverage by Kim Zetter in the New York Times.

In addition there were many other outlets covering this:

International:

https://www.wired.com/story/intel-mds-attack-taa/

https://www.theverge.com/2019/11/13/20962667/intel-processor-security-vulnerabilities-researchers-disclosure

https://www.ft.com/content/d60cda42-7699-11e9-be7d-6d846537acab

https://in.pcmag.com/news/133831/intel-struggles-to-fix-hardware-based-flaws-researchers-say

https://www.tomshardware.com/news/intel-reveals-taa-vulnerabilities-in-cascade-lake-chips-and-a-new-jcc-bug

https://www.dailymail.co.uk/sciencetech/article-7681917/Intel-failed-fix-dangerous-chip-flaw-affecting-MILLIONS-Apple-Microsoft-Google-devices.html

https://www.engadget.com/2019/11/13/intel-fixes-cpu-security-flaw-for-real/

https://gizmodo.com/intel-reportedly-warned-of-critical-chip-security-flaws-1839807262

Dutch:

https://www.nu.nl/tech/6010595/onderzoekers-vrije-universiteit-intel-is-niet-eerlijk-over-processorlek.html

https://www.nporadio1.nl/nieuws-en-co/onderwerpen/519738-processorchips-intel-nog-steeds-kwetsbaar

https://nos.nl/artikel/2310247-onderzoekers-intel-neemt-beveiligingslek-niet-serieus.html

https://www.ad.nl/tech/onderzoekers-vu-intel-loog-over-oplossen-lek-in-chips~acb207e0/

https://tweakers.net/nieuws/159826/vu-onderzoekers-intel-heeft-ridl-kwetsbaarheid-nog-niet-volledig-opgelost.html

https://www.computable.nl/artikel/nieuws/cloud-computing/6834006/250449/oproep-vu-zet-hyperthreading-in-intel-processor-uit.html

https://radar.avrotros.nl/nieuws/item/processorchips-van-intel-nog-steeds-kwetsbaar/

https://www.noordhollandsdagblad.nl/cnt/dmf20191113_36194155/vu-studie-intel-chips-nog-steeds-kwetsbaar

https://www.security.nl/posting/631293/VU-onderzoekers+onthullen+%22nieuwe%22+aanval+op+Intel-processors

Tabloids:

https://www.telegraaf.nl/nieuws/348361583/vu-studie-intel-chips-nog-steeds-kwetsbaar

RIDL featured in the media

After a long embargo period of 9 months we made our paper RIDL: Rogue In-Flight Data Load available to the general public. RIDL introduces a new class of speculative execution attacks that can leak any “in-flight” data available in the CPU.

More information (including some nice demo videos) are available at https://mdsattacks.com. We have also released a tool that you can use to see how vulnerable your computer is to different speculative execution attacks.

TLBleed in the news

We have shared TLBleed with several operating system projects, in order for them to be able to implement mitigations if desired. As a result of seeing TLBleed, OpenBSD decided to disable /msg99141.html">Hyperthreading by default. This has prompted some speculation that TLBleed is a spectre-like attack, but that is not the case. OpenBSD also realizes the exact impact of TLBleed. There has been significant news coverage: TheRegister (and this one), ArsTechnica, bleepingcomputer, ZDnet, Techrepublic, TechTarget, ITwire, tweakers, and a personal favorite, the SecurityNow Podcast episode 669 (mp3, show notes, youtube).

The full paper will be online soon.

Systems and Network Security Group at VU Amsterdam