Webinar: RIDL Rogue In-flight Data Load
ti 18 august | 14:00 - 14:45
Online
Speculative execution bugs in modern CPUs popped up out of nowhere, but the worst of the nightmare appears to be over. While Spectre-style attacks will be with us forever, a variety of mitigations have been implemented to protect us against Intel CPU vulnerabilities such as Meltdown and Foreshadow. Browser vendors have implemented process isolation, and Intel even have silicon fixes in their latest CPUs. Do you feel safe? We destroy these mitigations by taking a skeptical look at their assumptions, and reveal that unprivileged userspace applications can steal data by simply ignoring security boundaries.

Using our RIDL attacks, we'll steal secrets from SGX using just a bit of JavaScript in a web browser, grab /etc /shadow from another VM without even thinking about the hypervisor in the middle, and despair about our speculatively executed future.

Upon signing up for the webinar you will receive an email on the day of the talk with a link to the Vimeo livestream. In order to access the chat-function and join in on the live-debate during the webinar you must log in as a guest or register a user profile on vimeo.

PLEASE NOTE: the chat display is not available on mobile devices.

If you miss the LIVE action, you can always watch the recorded webinar subsequently on infosecurity.dk
test
Cyber Security, Hacking and Cyber Crime
Privacy, Compliance, Governance & Risk Management
Speaker
Sebastian Osterlund
ph.D. - Vrije Universiteit Amsterdam