Are Qubes/Xen vulnerable to new DRAMA attack?

92 views
Skip to first unread message

Eva Star

unread,
Nov 10, 2016, 6:28:33 AM11/10/16
to qubes-users

Subj
https://github.com/IAIK/drama

raah...@gmail.com

unread,
Nov 10, 2016, 12:38:58 PM11/10/16
to qubes-users
On Thursday, November 10, 2016 at 6:28:33 AM UTC-5, Eva Star wrote:
> Subj
> https://github.com/IAIK/drama

All systems probably are.

raah...@gmail.com

unread,
Nov 10, 2016, 12:41:03 PM11/10/16
to qubes-users, raah...@gmail.com

maybe AEM will help detect something.

Chris Laprise

unread,
Nov 10, 2016, 12:50:54 PM11/10/16
to raah...@gmail.com, qubes-users
I think it would. This is where AEM shines.

Chris

Chris Laprise

unread,
Nov 10, 2016, 1:13:10 PM11/10/16
to raah...@gmail.com, qubes-users
...Provided the specific attack was against BIOS firmware or initial
boot file (TCB).

Chris

Sec Tester

unread,
Nov 11, 2016, 10:37:44 PM11/11/16
to qubes-users, raah...@gmail.com, tas...@openmailbox.org
Perhaps another reason why VM's shouldn't have default root access?

"taskset 0x2 sudo ./measure -p 0.7 -s 16."

Chris Laprise

unread,
Nov 12, 2016, 1:43:15 AM11/12/16
to Sec Tester, qubes-users, raah...@gmail.com
On 11/11/2016 10:37 PM, Sec Tester wrote:
> Perhaps another reason why VM's shouldn't have default root access?
>
> "taskset 0x2 sudo ./measure -p 0.7 -s 16."

This really needs root to work?! This could be important... these
rowhammer vulns have become BAD.

Chris
Reply all
Reply to author
Forward
0 new messages