Oracle Bakes Security Into New Chips

An anonymous reader writes: Oracle's Larry Ellison gave a presentation yesterday at OpenWorld in which he detailed how the M7 chip's new Silicon Secured Memory system works. "On the M7, pointers and their memory blocks are stamped with a 4-bit 'color,' and accesses are verified to make sure the color in the highest bits of the pointer matches the color of the memory allocation. This works with virtual memory allocated from the heap rather from the stack, it appears. Solaris tries to avoid giving adjacent blocks the same color." El Reg notes that a 4-bit security stamp doesn't really offer that many distinct options. "Four bits of color means there are 24, or 16, possible colors a memory block can have. A hijacked pointer has a one-in-16 chance of having a matching color when it accesses any block of memory, allowing it to circumvent the SSM defense mechanism. ... It is even possible [a hacker] can alter the color bits in a pointer to match the color of a block she wishes to access, and thus avoid any crashes and detection. In short, SSM is a mitigation rather than bulletproof protection." Still, Ellison claims this would have shut down vulnerabilities like Heartbleed and Venom.

Always entertaining when salesmen try to talk tech

[JoeyRox]

Colors? I bet he counts binary as "one potato, two potato, four potato".

She?

It is even possible [a hacker] can alter the color bits in a pointer to match the color of a block she wishes to access, and thus avoid any crashes and detection.

Go ahead, mod me down as a troll.

Re:She?

Good catch! Thank you for pointing this out! In this age of equality there's no reason the attacker in the Standard Security Scenario couldn't be a man named Eve and anyone addressing zir without first asking what ze identified as is a shitlord of the highest order pushing their cisgendered patriarchy on everyone else.

Score another win for social justice!