Computer Architecture Today

Informing the broad computing community about current activities, advances and future directions in computer architecture.
Archive of posts tagged: Security
Please Disclose Security Vulnerabilities!

Please Disclose Security Vulnerabilities!

In a recent opinion post on security disclosures, Uht questions if the public disclosure of hardware security vulnerabilities has had any benefits, and suggests that it would be better not to disclose these vulnerabilities. As Uht points out, debate on security...

Read more...

Let’s Keep it to Ourselves: Don’t Disclose Vulnerabilities

Let’s Keep it to Ourselves: Don’t Disclose Vulnerabilities

There are millions of viruses, etc., in the wild today. Countless new ones are devised by black-hat hackers all the time. In order to proactively defend against new exploits, some white-hatters seek out or create weaknesses or vulnerabilities and then devise fixes for them. However, in some cases, such as Spectre, fixes are not readily apparent, either to the inventor or the vendor of the target software or hardware. Regardless of the existence of a fix or not, the question arises as to what to publicize or disclose about the vulnerability. We argue that no public disclosure should be made at all, until and unless the exploit appears in the wild.

Read more...

Reflections on trusting SGX

Reflections on trusting SGX

The security community will remember the year of 2018 as the year of speculative execution attacks.  Meltdown and Spectre, the recent Foreshadow (L1TF in Intel’s terminology), and their variants demonstrate how the immense processor design complexity, perpetual...

Read more...