Lmst
Login

#SideChannel

Habrhabr@zhub.link
2025-06-13

Безопасности не существует: как NSA взламывает ваши секреты

Конечные поля, хэш-мясорубки, скрытые радиоканалы и трояны, запаянные в кремний. Пока мы гордимся замками AES-256, спецслужбы ищут обходные тропы: подменяют генераторы случайности, слушают писк катушек ноутбука и вывозят ключи через незаметные ICMP-пакеты. Эта статья собирает мозаичную картину современных атак — от математических лазеек до физических побочных каналов — и задаёт неудобный вопрос: существует ли вообще абсолютная безопасность? Если уверены, что да, проверьте, не трещит ли ваш щит по швам.

habr.com/ru/articles/918068/

#криптография #безопасность #NSA #шифрование #конечные_поля #sidechannel #аппаратные_бэкдоры #генератор_случайности #covert_channels #киберпанк

kriware :verified:kriware@infosec.exchange
2025-05-27

Bypassing kASLR via Cache Timing

Explores a prefetch side-channel attack to bypass kASLR on Windows 11 by measuring cache access times to locate the kernel base address.

r0keb.github.io/posts/Bypassin

#kASLR #SideChannel

eShardeshard@infosec.exchange
2025-05-19

Catch us at Hardwear.io later this month!

We’re bringing our side-channel attack bench demo and showing how easily it integrates with the esDynamic platform.

#hardware #hardwear_ioUSA #sidechannel

Cultcoderscultcoders.bsky.social@bsky.brid.gy
2025-05-16

Intel: Ein weiterer Angriff umgeht alle bisherigen CPU-Schutzmaßnahmen. Eine weitere Sicherheitslücke öffnet viele Prozessoren erneut für Seitenkanalangriffe trotz bisheriger Schutzmaßnahmen... #CyberSecurity #CPU #Vulnerability #SideChannel www.heise.de/news/Intel-E...

Intel: Ein weiterer Angriff um...

Einstein^Diogenes@UniverseLinkazuresaipan@defcon.social
2025-04-13

TOR is not a gimmick, but it doesn’t claim to be perfect either.

#sidechannel #COSADE #TorProject

A mask is still the best metaphor.

yashalevine.com/surveillance-v

scheerpost.com/2025/04/02/the-

#MIC #MilitaryIndustrialComplex #ChrisHedges #SI #Scheer #Surveillance #Privacy #CivilSociety #MartialLaw #Junta #Tech #CS

#History #MIC #Arpa #ONR
#clock #delusion #psy #genocidalSpyime #Pharoh
The hate group violates our privates with subconscious patrols . . .

CyberagenturCyberagentur@social.bund.de
2025-03-31

SCA4PQC – die @Cyberagentur startet ein Forschungsprogramm zur Entwicklung seitenkanalresistenter Post-Quanten-Kryptographie. Ziel: Schutz vor Quantenangriffen und physischen Seitenkanalangriffen. Fokus: Cloud/Desktops, IoT und Smartcards. Forschung und Wirtschaft sind eingeladen.
Mehr Informationen: t1p.de/b52np
#PostQuantum #CyberSecurity #SCA4PQC #PostQuantumCrypto #SideChannel #ITSecurity #OpenScience

Das Bild zeigt eine grafische Darstellung mit einem lila und pinkfarbenen Hintergrund, der von vielen feinen, verwobenen Linien durchzogen ist und an digitale Netzwerke erinnert. Im Vordergrund steht groß der Text „SCA4PQC“. Darunter in kleinerer Schrift: „PROGRAMM: SEITENKANALRESISTENZ IN DER POST-QUANTEN KRYPTOLOGIE“. Rechts daneben ist ein stilisiertes, weißes Symbol eines Vorhängeschlosses zu sehen, das von zwei Pfeilen umrahmt wird, die nach oben zeigen. Unten rechts ist das Logo der „Cyberagentur“ abgebildet, bestehend aus einem stilisierten C und dem Schriftzug „cyberagentur“. Die Farben sind in Violett- und Rosatönen gehalten und wirken modern und technisch. Das Bild thematisiert kryptographische Sicherheit in der Ära der Quantencomputer. Hinweis: Foto: freepik/Cyberagentur
ISEC @ TU Grazisec_tugraz@infosec.exchange
2025-03-03

“KernelSnitch: Side Channel-Attacks on Kernel Data Structures” by Lukas Maar 📄👇
ndss-symposium.org/wp-content/

#NDSSsyposium2025 #SideChannel

ISEC @ TU Grazisec_tugraz@infosec.exchange
2025-03-03

“Power-Related Side-Channel Attacks using the Android Sensor Framework” by Mathias Oberhuber 📄👇
ndss-symposium.org/wp-content/

#NDSSsyposium2025 #SideChannel

ISEC @ TU Grazisec_tugraz@infosec.exchange
2025-03-03

“A Systematic Evaluation of Novel and Existing Cache Side Channels” by @v4m1n 📄👇
ndss-symposium.org/wp-content/

#NDSSsyposium2025 #SideChannel

Blue DeviL // SCTbluedevil@infosec.exchange
2025-02-13

Secure Application Programming in the presence of Side Channel Attacks

Marc Witteman

riscureprodstorage.blob.core.w

#riscure #hardwarehacking #sidechannel

eShardeshard
2025-02-10

Starting the week by shipping out some Hardware Benches to our customers 🚛

hardware bench for side-channel analysis and electromagnetic fault injection
Michael Engelme_@sueden.social
2025-01-28

Yet another side channel attack, this time on Apple Silicon Aarch64: predictors.fail/files/SLAP.pdf

#sidechannel #security #apple #aarch64 #macos

_L4NyrlfL1I0yrlf@graz.social
2025-01-21

Someone found a clever #sidechannel to abuse #Cloudflare CDN caching to reveal the approximate location (~location of next big datacenter) of #Signal and #Discord users by sending them a message/notification with an image in it that is fetched from the CDN:

gist.github.com/hackermondev/4

@signalapp

Bits On Tapebitsontape@privacysafe.social
2025-01-19

Hardware #SideChannel attacks like "electromagnetic fault injection" bypass Apple’s chip defenses. The result? Jailbreaks & #malware on iDevices. #Apple needs to rethink its shielding fast. 🛡️

Keiran Rowellkeiran_rowell
2024-12-20

Cracking encrypted communication with Chatbots like ChatGPT using, ironically, LLMs.

youtu.be/I1RqhGGRmHY

Responses were sent back one word-sized token at a time📨

Merely knowing word lengths is enough to infer whole response paragraphs.

The opening responses sentences are so formulaic you can use an LLM to guess the topic, punctuation was singled out with a special token 😬

This shows how encrypted information is still vulnerable to attacks.

Annual Computer Security Applications ConferenceACSAC_Conf@infosec.exchange
2024-11-28

The first #ACSAC2024 #PaperPreview for today is Weber et al.'s work, which shows that existing HW features can be repurposed to stop ongoing #SideChannel #attacks almost immediately by monitoring the victim: openconf.org/acsac2024/modules
#cybersecurity

Weber et al.'s "No Leakage Without State Change: Repurposing Configurable Cpu Exceptions To Prevent Microarchitectural Attacks"
Annual Computer Security Applications ConferenceACSAC_Conf@infosec.exchange
2024-11-19

The first #ACSAC2024 #PaperPreview today is Ayoub et al.'s Bluescream, where they investigate how an attacker can manipulate #Bluetooth Low Energy to enable the long-distance EM #sidechannel #attack called Screaming Channels: openconf.org/acsac2024/modules
#cybersecurity

Gea-Suan Lingslin@abpe.org
2024-11-15

YubiKey 還在出清有問題的版本

在「YubiKey still selling old stock with vulnerable firmware」這邊看到的,有人提到 YubiKey 還在賣有問題的版本,裡面提到的 blo

blog.gslin.org/archives/2024/1

#Computer #Hardware #Murmuring #Security #Software #attack #channel #compliance #eucleak #fips #firmware #hardware #security #side #sidechannel #sidechannel #vulnerability #vulnerable #yubico #yubikey

Einstein^Diogenes@UniverseLinkazuresaipan@defcon.social
2024-11-10

Can the informaiton leaked by #sidechannel #subconscious - #timespace ever be anonymized scientifically?

They wake you from your dreams (subconscious) to target your daytime (gravity).

Their capabilities aren't really for terrorism, they're for terrorizing.

spaceplace.nasa.gov/gravitatio

ligo.caltech.edu/page/what-are

en.wikipedia.org/wiki/Laser_In

securityaffairs.com/168667/sec

#COSADE #Freemasonry #Time #TerrorismByTheState #Genocide #Privacy #SocialControl #Clock

Michael Engelme_@sueden.social
2024-10-19

More fun with Intel and AMD Spectre side channel attacks...

theregister.com/2024/10/18/spe
comsec.ethz.ch/research/microa

#intel #amd #spectre #sidechannel

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst