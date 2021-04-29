Security Leftovers
Google detail 'Half-Double', a new Rowhammer vulnerability for DRAM | GamingOnLinux
Is nothing sacred any more? Gosh, there's vulnerabilities everywhere. Just when you thought you were safe after updating to protect your CPU, now there's this. Thought RAM vendors had fixed Rowhammer from 2014? Think again, it's back with Half-Double.
As a reminder: Rowhammer is a DRAM vulnerability whereby repeated accesses to one address can tamper with the data stored at other addresses. It's kinda similar to the speculative execution vulnerabilities in CPUs. This newer Half-Double attack vector "capitalizes on the worsening physics of some of the newer DRAM chips" which sounds quite terrible.
M1RACLES: Apple M1 Exposed To Covert Channel Vulnerability
Apple's shiny new in-house M1 Arm chip is the latest processor challenged by a security vulnerability. The "M1RACLES" vulnerability was made public today as a covert channel vulnerability by where a mysterious register could leak EL0 state.
The M1RACLES vulnerability is assigned as CVE-2021-30747. This vulnerability is summed up as, "A flaw in the design of the Apple Silicon “M1” chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange...The ARM system register encoded as s3_5_c15_c10_1 is accessible from EL0, and contains two implemented bits that can be read or written (bits 0 and 1). This is a per-cluster register that can be simultaneously accessed by all cores in a cluster. This makes it a two-bit covert channel that any arbitrary process can use to exchange data with another cooperating process."
Asahi Linux Dev Reveals ‘M1RACLES’ Flaw in Apple M1, Pokes Fun at Similar Flaws
Asahi Linux developer Hector Martin has revealed a covert channel vulnerability in the Apple M1 chip that he dubbed M1RACLES, and in the process, he’s gently criticized the way security flaws have started to be shared with the public.
Martin’s executive summary for M1RACLES sounds dire: “A flaw in the design of the Apple Silicon ‘M1’ chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange. […] The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision.“ (Emphasis his.)
Andrea Scarpino's blog: Sharing your loan details to anyone
A week ago, I blogged about a vulnerability in a platform that would allow anyone to download users’ amortisation schedules. This was a critical issue, but it wasn’t really exploitable in the wild as it included a part where you had to guess the name of the document to download.
I no longer trust that platform so I went to their website to remove my loan data from it, but apparently this isn’t possibile via the UI.
I also opened a ticket on their support platform to request removal and they replied that it isn’t possible.
More in Tux Machines
Android Leftovers
Programming Leftovers
Proprietary Software and More
Benchmarking AMD Ryzen 5 5500U Linux Performance With A $450 Lenovo Laptop
The AMD Ryzen 5 5500U with six cores / twelve threads within a Lenovo laptop at $449 USD is quite a steal. This is also my first time benchmarking the AMD Ryzen 5 5500U after waiting months on Ryzen 5000 series laptop availability. Here are some initial benchmarks of the Ryzen 5 5500U under Ubuntu 21.04 Linux against various other Intel/AMD laptops. The Ryzen 5 5500U is a Zen 2 based laptop processor rather than Zen 3 with the higher-end 5000 series models. However, over the previous-generation Ryzen 5 4500U, there is now SMT to offer 12 threads rather than 6/6 with the prior generation. The 5500U though carries a 2.1GHz base frequency rather than the 2.3GHz base with the 4500U while both have a turbo up to 4.0GHz. The 5500U also has the benefit of a 64K L1 cache per core rather than 32K.
