meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, July 27th 2018

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 27 July 2018

⏱️ 16 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. NetSpectre; Google Play Outlaws Miners; Japanese Calendar

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Friday, July 27th, 2018 edition of the Sansanet Storm Center's Stormcast.

0:07.6

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

0:12.7

Hey, and imagine that we got a new variation of Spector, actually a new way to exploit Spector.

0:19.8

This particular exploitation technique can happen over

0:23.6

the network and does not require that the attacker has actual access, meaning being able to execute

0:30.7

code on the target system. It just needs some kind of network demon that will respond to packets and this again could be sort of any packet.

0:40.8

What this really relies on is just like the local specter attacks on speculative execution.

0:47.6

But the execution time depends on what happened before on the system and essentially leaks data from the cache. Now in this case

0:57.7

of course the execution time isn't as easy to measure because you have a lot of other

1:03.3

things that happen with network packets like for example inconsistent network

1:08.3

latency but overall this paper proved it can be done. The problem is

1:15.2

the speed isn't really all that impressive. You need hundreds of thousands of bytes to actually

1:21.4

extract one byte of cash. What they measured in sort of more or less real-world scenarios, meaning on a local network,

1:30.5

as well as in Google's cloud, is about 15 bits per hour. In another variation of the attack,

1:39.0

they got this up to 60 bits an hour. And this is the rate that you achieve if you actually sort of saturate

1:46.8

the network. Now, it doesn't sound like a lot of data, but still it's possible, but very noisy.

1:55.0

The authors of the paper from Cross University also point out that, for example, DDoS protections could be used to

2:03.6

protect yourself from this attack. So yes, it's probably yet another reason to vary into

2:09.6

patch specter, but other than that, I wouldn't really worry too much about this particular

2:15.6

exploit vector. One possible use of the attack that the authors propose is to use it to break address space

2:23.2

layout randomization.

2:25.2

Now of course this would make some other vulnerabilities easier to exploit.

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.