Slashdot Mirror
Domain: netdna-cdn.com
Stories and comments across the archive that link to netdna-cdn.com.
Stories · 4
-
Researchers Point Out 'Theoretical' Security Flaws In AMD's Upcoming Zen CPU (bleepingcomputer.com)
An anonymous reader writes from a report via BleepingComputer: The security protocol that governs how virtual machines share data on a host system powered by AMD Zen processors has been found to be insecure, at least in theory, according to two German researchers. The technology, called Secure Encrypted Virtualization (SEV), is designed to encrypt parts of the memory shared by different virtual machines on cloud servers. AMD, who plans to ship SEV with its upcoming line of Zen processors, has published the technical documentation for the SEV technology this past April. The German researchers have analyzed the design of SEV, using this public documentation, and said they managed to identify three attack channels, which work, at least in theory.
[In a technical paper released over the past weekend, the researchers described their attacks:] "We show how a malicious hypervisor can force the guest to perform arbitrary read and write operations on protected memory. We describe how to completely disable any SEV memory protection configured by the tenant. We implement a replay attack that uses captured login data to gain access to the target system by solely exploiting resource management features of a hypervisor." AMD is scheduled to ship SEV with the Zen processor line in the first quarter of 2017. -
Samsung Agrees To Pay Apple $548 Million Over Smartphone Patents (theverge.com)
An anonymous reader writes: After years of legal wrangling over smartphone patents, Apple and Samsung appear to have reached an agreement. The two companies released a joint statement (PDF) saying Samsung will pay Apple $548 million before December 14th. Apple must send them an invoice before they'll pay. It's not a complete stand-down; even their agreement contains disagreement. "The statement notes that Samsung 'continues to reserve all rights to obtain reimbursement from Apple,' although in the same document, Apple disputes these rights. ... Not only does the joint statement reserve Samsung's right to take some of this money back in any future cases, but this summer, the South Korean company announced it would be requesting a U.S. Supreme Court review of its legal case." At the very least, it's a big step toward resolving the mountain of patent issues between the companies. -
Espionage Campaign Targets Corporate Executives Traveling Abroad
An anonymous reader writes Kaspersky Lab researched the Darkhotel espionage campaign, which has lurked in the shadows for at least four years while stealing sensitive data from selected corporate executives traveling abroad. Darkhotel hits its targets while they are staying in luxury hotels. The crew never goes after the same target twice; they operate with surgical precision, obtaining all the valuable data they can from the first contact, deleting traces of their work and fading into the background to await the next high profile target. The most recent traveling targets include top executives from the USA and Asia doing business and investing in the APAC region: CEOs, senior vice presidents, sales and marketing directors and top R&D staff. This threat actor is still active. -
A Patent Tree Grows In Seattle
theodp writes "Among the featured attractions for the kids at the just-opened $10 million Bezos Center for Innovation in the $60 million Museum of History & Industry in Seattle is a 'Patent Tree'. The museum opening marks the end of a week for Amazon CEO Jeff Bezos that saw his personal and managerial life put on display with the release of an excerpt from The Everything Store, a new book by Brad Stone, who reveals how he found Bezos's long-lost biological father."
