#side-channel

Researchers demonstrated the FROST attack, using SSD timing variations via browser storage to infer user activity with high accuracy.

Source: Kaspersky | FROST Research Paper

A new attack called Whisper Leak shows how hackers can deduce what users discuss with AI chatbots by studying encrypted traffic patterns — revealing topics like politics or money laundering without breaking encryption.

Source: Microsoft Defender Security Research Team | arXiv

Researchers at TEE.fail have shown that low-cost DDR5 interposers can capture memory traffic and extract cryptographic keys from Intel and AMD TEEs, undermining the promised privacy of cloud and confidential computing systems.

Source: TEE.fail | TEE.fail PDF

Maybe don’t be quite so smug, security researchers warn

AMD processors sold between 2011 and 2019 are vulnerable to two side-channel attacks that can extract kernel data and secrets, according to a new research paper.

In a paper [PDF] titled, “Take A Way: Exploring the Security Implications of AMD’s Cache Way Predictors,” six boffins – Moritz Lipp, Vedad Hadžić, Michael Schwarz, and Daniel Gruss…

Camera and microphone attack on smartphones

The researches at the University of Cambridge have published a paper titled “PIN Skimmer: Inferring…

This post further delves in a little more deeply into the cloud. In the last post Dissecting the Cloud –Part 1, I described the analogy of a person partitioning a large house by creating self-contained units through the use of a hypervisor which abstracts…