Archive of posts tagged: Security
Please Disclose Security Vulnerabilities!
In a recent opinion post on security disclosures, Uht questions if the public disclosure of hardware security vulnerabilities has had any benefits, and suggests that it would be better not to disclose these vulnerabilities. As Uht points out, debate on security...
Let’s Keep it to Ourselves: Don’t Disclose Vulnerabilities
There are millions of viruses, etc., in the wild today. Countless new ones are devised by black-hat hackers all the time. In order to proactively defend against new exploits, some white-hatters seek out or create weaknesses or vulnerabilities and then devise fixes for them. However, in some cases, such as Spectre, fixes are not readily apparent, either to the inventor or the vendor of the target software or hardware. Regardless of the existence of a fix or not, the question arises as to what to publicize or disclose about the vulnerability. We argue that no public disclosure should be made at all, until and unless the exploit appears in the wild.
Approaches to System Security: Using Cryptographic Techniques to Minimize Trust
This is the first post in a series of posts on different approaches to systems security especially as they apply to hardware and architectural security. In this post, we will consider the use of mathematics/cryptography as an approach to improving systems security....
Reflections on trusting SGX
The security community will remember the year of 2018 as the year of speculative execution attacks. Meltdown and Spectre, the recent Foreshadow (L1TF in Intel’s terminology), and their variants demonstrate how the immense processor design complexity, perpetual...Subscribe
