David Egts’ Post

🚀 Antmicro's collaboration with Google has led to the development of an open-source DDR5 memory tester, enhancing data center security by enabling research into DDR5 vulnerabilities. The tester, equipped with an AMD-Xilinx Kintex-7 FPGA, allows for comprehensive testing of DDR5 RDIMMs, crucial for mitigating Rowhammer attacks. 🔍 The DDR5 tester's design and capabilities are detailed on Antmicro's Open Hardware Portal, showcasing its potential for advancing memory security in data centers. With the rise of open hardware, Antmicro's efforts exemplify the power of transparency in tech innovation. 💡 Interested in memory security or need engineering services for your next project? Reach out to Antmicro at contact@antmicro.com. #OpenHardware #FPGA #DDR5 #DataCenterSecurity #Innovation #Antmicro #Google #Xilinx 🤔 How do you see open-source hardware shaping the future of data center security? Let's discuss! https://lnkd.in/dAjzVk43

Great work Pascal Nasahl! It takes a lot of resources to harden hardware against physical attacks. lowRISC's Ibex core has gone through extensive pre-silicon evaluation and we are in the process of evaluating our first silicon implementation. The following artifacts are a great demonstration of pre-silicon evaluation. Here is the security report https://lnkd.in/gaceBTem, and the associated fix: https://lnkd.in/gFR9yA5J

Is it possible to STOP ALL MICROARCHITECTURAL SIDE CHANNELS? As computer architects, I think we need to seriously consider this question. To underscore my point, please consider one of the LOUDEST (and MOST BENEFICIAL) microarchitectural side channels in existence, the AXV2 POWER-GATING SIDE CHANNEL. The AVX2 vector unit in Intel CPUs is a large and power-hungry unit. To reduce its overall power requirements, especially for programs that do not use vectors, the AVX2 unit's upper 128-bits is powered down if no AVX2 instructions execute for more than 1ms. This logic is part of the CPU's power-gating logic, and it forms one of the LOUDEST PURE MICROARCHITECTURAL SIDE CHANNELS. Once the power-rail of the upper AVX2 unit bleeds off all of its energy, it take about 350 CYCLES TO RECHARGE ITS POWER RAILS. This latency is paid by the FIRST 256-BIT AVX2 INSTRUCTION that executes after power-down. Researchers who made the NetSpectre attack utilized this deafeningly loud side channel to perform Spectre attacks remotely. I've included their Spectre gadget in the figure below - the gadget executes a 256-bit AVX2 instruction to communicate out a "1" bit (leading to the attacker NOT seeing the power-up latency), and it doesn't execute a 256-bit AVX2 instruction to communicate out a "0". Here is MY QUESTION to computer architects and security engineers: Should designers stop this side channel? If the answer is "yes", how does one stop this side channel? By eliminating all execution-adaptive power gating? (I hope not, since adaptive power gating makes for a greener chip!) And if answer is "no", then how does one prevent attackers from exploiting this side channel? And on a related note, who on the design team should be responsible for eliminating/mitigating this side channel? I would love to hear your thoughts on these intriguing questions! You can read the NetSpectre paper here: https://lnkd.in/dtak9YbQ #security #sidechannels #computerarchitecture #lowpower #eda #hardwaresecurity #microarchitecture #hacking

A group of academic researchers has discovered a pair of novel attack methods that can compromise AES encryption on some Intel CPUs.  Dubbed Pathfinder, the techniques can allow attackers to reconstruct program control flow history and launch high-resolution Spectre attacks.  Pathfinder targets the Path History Register (PHR) in the branch predictor and forces branch mispredictions that cause the targeted program to execute unintended code paths.  By introducing new primitives, the technique allows attackers to manipulate the PHR as well as prediction history tables (PHTs) to leak historical execution data to eventually trigger a Spectre-style attack.  https://lnkd.in/gVbxBaAt

BadRAM is a novel attack that creates aliases in the physical address space of DRAM modules. By manipulating the Serial Presence Detect (SPD) chip on a memory module, an attacker can trick the system into thinking the DRAM is larger than it actually is. Serial Presence Detect (SPD) is a critical feature in RAM modules that stores essential information about the memory’s specifications in an EEPROM chip, typically ranging from 128 to 1024 bytes. The SPD contains key parameters such as manufacturer data, memory capacity, speed ratings, and timing parameters, allowing the system’s BIOS to configure the memory for optimal performance automatically. https://lnkd.in/dKChyECf

Remain Sane PC IT Back Together, LLC Will Fix The Pain! Do you run a small business? Looking to get out of being suckered into contracts or monthly? Start spending time on the equipment since average life in machines is 2-5 years. Invest in the machine and get the job done in a 1/10 of the time vs having your employee sit and waste time. The 14th generation of Intel CPUs are out, so if you go in the Control Panel and System, and using an Intel Chip, look at the number after the i3 or i5 or i7 hope its not below 9000 if so you need to upgrade! Start 2025 right and lets get a bunch of changes and you'll benefit in the long run! Also, hope you are using Carbonite or Ibackup as well, we resell both and keep your data protected! Since too many hackers and scammers out there and we can't get 300K a head and track them down!

Last week I was at the #FPGA Conference. New FPGAs from Altera, malware hidden in bitstreams, low #power devices and some guys making their own FPGA. In this article I tell you the highlights of the 2024 edition. Check it out! https://lnkd.in/dXp6QEgx

If you want to get into hardware hacking, it always requires power so understanding power regulation and DC-DC converters for your circuits can help. This is a good intro article of some of the concepts and options. #hardware #power #ee #electricalengineering

My Take: This is an interesting article from The South China Morning Post about the RISC-V open-source chip architecture. RISC-V is an increasingly popular processor design that many companies and countries, including China, have adopted or plan to adopt as an alternative to proprietary architectures like Intel's x86 and AMD's x86. The RISC-V SonicBOOM open-source code has a vulnerability that can be exploited to bypass security protections in modern processors and operating systems. This could lead to data theft and privacy breaches. China's CNCERT emergency response team reported the flaw in April 2024, and NPU provided further details in May 2024. The real risk is that this newly discovered vulnerability in RISC-V, which China is betting on for its semiconductor self-sufficiency, could expose any systems and critical infrastructure using this technology to potential data breaches and cyber-attacks if not adequately mitigated. Citations: https://lnkd.in/gCTjkKbJ find security risk in RISC-V open-source chip architecture that China hopes can help side.pdf https://lnkd.in/giSfk5Ub

Since #Meltdown and #Spectre (and their variants) we are frequently hearing about new attack variants based on speculative execution in processors. Those are hardware bugs, not software. The software can frequently mitigate them. Recently, Intel released a details article about ways to write secure code in the presence of speculative execution: https://lnkd.in/e5MavSaU The document is a heavy read, but it can be a useful reference for low-level developers! #security #hardware #speculative