Representatives of the Vrije University of Amsterdam, a UNICORE member, Herbert Bos and Cristiano Giuffrida, along with Enes Goktas and Georgios Portokalidis (Stevens Institute of Technology), and Kaveh Razavi (ETH Zurich), presented the session “Speculative Probing: Hacking Blind in the Spectre Era“, at the online ACM Conference on Computer and Communications Security (CCS) on november 12th.
This conference is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results.
In their talk, they showed how the Spectre era enables an attacker armed with a single memory corruption vulnerability to hack blind without triggering any crashes. They algo explained that using speculative execution for crash suppression allows the elevation of basic memory write vulnerabilities into powerful speculative probing primitives that leak through microarchitectural side effects.
Make sure you check out the conference program!