Attacking Multicore CPUs
Ant writes "The Register reports that the current world of multi-core central processing units (CPUs), just entered, is facing a serious threat.
A security researcher at Cambridge disclosed a new class of vulnerabilities that takes advantage of concurrency to bypass security protections such as anti-virus software.
The attack is based on the assumption that the software that interacts with the kernel can be used without interference. The researcher, Robert Watson, showed that a carefully written exploit can attack in the window when this happens, and literally change the "words" that they are exchanging.
Even if some of these dark aspects of concurrency were already known, Watson proved that real attacks can be developed, and showed that developers have to fix their code. Fast..."
Looks like a variation (or maybe a dup) of this.
"No, such a difficult and obscure attack is not something that is priority one"
Thread one sends a command to the OS, knowing that it will take time x to complete.
Thread two waits (x-d) before overwriting the buffer used to store the command (after the OS has checked it for validity, but before the OS has actually processed it).
What's obscure about that?
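The check-then-use window described in the comment above, modelled deterministically as an added example (not code from the article or from any commenter). A callback stands in for the second thread, and the policy, function names and paths are constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

#define PATH_LEN 64

/* Hypothetical wrapper policy: only paths under /tmp/ are allowed. */
static int policy_allows(const char *p) { return strncmp(p, "/tmp/", 5) == 0; }

/* Stand-in for the kernel: records the path it actually acted on. */
static char used[PATH_LEN];
static void kernel_open(const char *p) { snprintf(used, sizeof used, "%s", p); }
static const char *used_path(void) { return used; }

/* Models thread two: runs in the window between check and use. */
typedef void (*racer_fn)(char *shared_buf);
static void swap_path(char *shared_buf) { strcpy(shared_buf, "/outside/policy"); }

/* Unsafe: validates the shared buffer, then the buffer is read again later. */
static int wrapper_double_fetch(char *shared_buf, racer_fn racer) {
    if (!policy_allows(shared_buf)) return -1;
    if (racer) racer(shared_buf);   /* concurrent write lands here */
    kernel_open(shared_buf);        /* second fetch sees the new contents */
    return 0;
}

/* Safer: one fetch into private memory; check and use the same copy. */
static int wrapper_single_copy(char *shared_buf, racer_fn racer) {
    char priv[PATH_LEN];
    snprintf(priv, sizeof priv, "%s", shared_buf);
    if (!policy_allows(priv)) return -1;
    if (racer) racer(shared_buf);   /* too late: priv is unaffected */
    kernel_open(priv);
    return 0;
}

int main(void) {
    char a[PATH_LEN] = "/tmp/report.txt", b[PATH_LEN] = "/tmp/report.txt";
    wrapper_double_fetch(a, swap_path);
    printf("double fetch acted on: %s\n", used_path());
    wrapper_single_copy(b, swap_path);
    printf("single copy acted on:  %s\n", used_path());
    return 0;
}
```

The single-copy variant only holds if the component that acts on the request uses the same private copy that was checked.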
It seems that neither the submitter nor the Slashdot editor read the article in question. The attack is not specific to multi-core systems, and it works only against programs that wrap system calls to add additional system protection. So it does not pierce through standard OS security, and you already need to have execution privileges. The writeup is just hype and FUD, IMHO.
It works on any multiprocessor, including an IBM 360/168 mainframe, where I first encountered it.
--dave
davecb@spamcop.net