Tag: hardware security
-
The Register: China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws
Source URL: https://www.theregister.com/2024/10/16/china_intel_chip_security/ Source: The Register Title: China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws Feedly Summary: Uncle Sam having a secret way into US tech? Say it ain’t so A Chinese industry group has accused Intel of backdooring its CPUs, in addition to other questionable security practices while calling for…
-
Cloud Blog: Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-ai-vendors-should-share-vulnerability-research-heres-why/ Source: Cloud Blog Title: Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why Feedly Summary: Welcome to the first Cloud CISO Perspectives for October 2024. Today I’m discussing new AI vulnerabilities that Google’s security teams discovered and helped fix, and why it’s important for AI vendors to share vulnerability research…
-
Hacker News: Can You Get Root with Only a Cigarette Lighter?
Source URL: https://www.da.vidbuchanan.co.uk/blog/dram-emfi.html Source: Hacker News Title: Can You Get Root with Only a Cigarette Lighter? Feedly Summary: Comments AI Summary and Description: Yes Summary: This text discusses hardware fault injection techniques, specifically targeting memory exploitation via electromagnetic interference (EMI) in laptops to facilitate local privilege escalation on Linux systems. This approach is novel in…
-
Cloud Blog: Announcing new Confidential Computing updates for even more hardware security options
Source URL: https://cloud.google.com/blog/products/identity-security/new-confidential-computing-updates-for-more-hardware-security-options/ Source: Cloud Blog Title: Announcing new Confidential Computing updates for even more hardware security options Feedly Summary: Google Cloud is committed to ensuring that your data remains safe, secure, and firmly under your control. This begins with fortifying the very foundation of your compute infrastructure — your Compute Engine virtual machines (VMs)…
-
Slashdot: AI Chipmaker Cerebras Files For IPO To Take On Nvidia
Source URL: https://slashdot.org/story/24/10/01/0030246/ai-chipmaker-cerebras-files-for-ipo-to-take-on-nvidia?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AI Chipmaker Cerebras Files For IPO To Take On Nvidia Feedly Summary: AI Summary and Description: Yes Summary: Cerebras Systems, an AI chip startup, is preparing to go public with an IPO on Nasdaq, intending to compete in the AI chip market against industry giants like Nvidia. Their WSE-3…
-
Hacker News: Ask HN: Assuming any bought laptop is tampered with, what do you do?
Source URL: https://news.ycombinator.com/item?id=41534858 Source: Hacker News Title: Ask HN: Assuming any bought laptop is tampered with, what do you do? Feedly Summary: Comments AI Summary and Description: Yes Summary: The text highlights a significant concern regarding the physical tampering of laptops, particularly outlining the lack of information related to preventive measures for buyers who suspect…
-
Schneier on Security: YubiKey Side-Channel Attack
Source URL: https://www.schneier.com/blog/archives/2024/09/yubikey-side-channel-attack.html Source: Schneier on Security Title: YubiKey Side-Channel Attack Feedly Summary: There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece…
-
Hacker News: Glue and Coprocessor Architectures
Source URL: https://vitalik.eth.limo/general/2024/09/02/gluecp.html Source: Hacker News Title: Glue and Coprocessor Architectures Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the separation of computation types in modern architectures, particularly emphasizing “glue” and “coprocessor” structures. It illustrates these concepts through examples from Ethereum, AI, and cryptographic frameworks, analyzing the balance between generality and…
-
Slashdot: YubiKeys Are Vulnerable To Cloning Attacks Thanks To Newly Discovered Side Channel
Source URL: https://it.slashdot.org/story/24/09/03/1810216/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: YubiKeys Are Vulnerable To Cloning Attacks Thanks To Newly Discovered Side Channel Feedly Summary: AI Summary and Description: Yes Summary: The YubiKey 5, a leading hardware token for two-factor authentication, has been revealed to possess a critical cryptographic vulnerability that allows for cloning if an attacker gains physical access.…
-
Hacker News: How to verify boot firmware integrity if you prioritize neutralizing Intel ME?
Source URL: https://news.ycombinator.com/item?id=41349589 Source: Hacker News Title: How to verify boot firmware integrity if you prioritize neutralizing Intel ME? Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses methods for protecting computer boot firmware, highlighting the trade-offs between using Intel’s me_cleaner and Trusted Platform Module (TPM) technology, as well as various strategies…