From: grarpamp
Date: Wed, 15 May 2019 03:24:54 -0400
Subject: ZombieLoad Attack: Intel Exploits You... Again!
To: freebsd-security@freebsd.org
Cc: freebsd-questions@freebsd.org

https://zombieloadattack.com/
https://zombieloadattack.com/zombieload.pdf
https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html
https://github.com/IAIK/ZombieLoad
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130
https://www.youtube.com/watch?v=wQvgyChrk_g

FreeBSD people... See linux patches in and update your microcode, ports, etc.

ZombieLoad Attack

Watch out! Your processor resurrects your private browsing-history and other sensitive data.

After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors. The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.

While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.

The attack does not only work on personal computers but can also be exploited in the cloud.

We verified the ZombieLoad attack on Intel processor generations released from 2011 onwards.

ZombieLoad in Action

In our demo, we show how an attacker can monitor the websites the victim is visiting despite using the privacy-protecting Tor browser in a virtual machine.