36 Years of the Digest ... founded August 21, 1981
Copyright © 2017 E. William Horne. All Rights Reserved.

The Telecom Digest for Tue, 09 Jan 2018
Volume 37 : Issue 7 : "text" format

Table of contents
Project Zero: Reading privileged memory with a side-channel Monty Solomon
MeltdownMonty Solomon
Re: Colorado city beats cable lobby, moves ahead ...Neal McLain
---------------------------------------------------------------------- Message-ID: <E2BE38E6-C69B-4E7B-B92E-32D5DCC92A53@roscom.com> Date: Sun, 7 Jan 2018 23:57:07 -0500 From: Monty Solomon <monty@roscom.com> Subject: Project Zero: Reading privileged memory with a side-channel Reading privileged memory with a side-channel Posted by Jann Horn, Project Zero Wednesday, January 3, 2018 We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01 [1]. So far, there are three known variants of the issue: Variant 1: bounds check bypass (CVE-2017-5753) Variant 2: branch target injection (CVE-2017-5715) Variant 3: rogue data cache load (CVE-2017-5754) Before the issues described here were publicly disclosed, Daniel Gruss, Moritz Lipp, Yuval Yarom, Paul Kocher, Daniel Genkin, Michael Schwarz, Mike Hamburg, Stefan Mangard, Thomas Prescher and Werner Haas also reported them; their [writeups/blogposts/paper drafts] are at: Spectre (variants 1 and 2) Meltdown (variant 3) https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html ------------------------------ Message-ID: <15B545FD-4688-41B7-99D1-C1A4DCEF8FF5@roscom.com> Date: Sun, 7 Jan 2018 23:37:09 -0500 From: Monty Solomon <monty@roscom.com> Subject: Meltdown Meltdown Abstract The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present Meltdown. Meltdown exploits side effects of out-of-order execution on modern processors to read arbitrary kernel-memory locations including personal data and passwords. Out-of-order execution is an indispensable performance feature and present in a wide range of modern processors. The attack is independent of the operating system, and it does not rely on any software vulnerabilities. Meltdown breaks all security assumptions given by address space isolation as well as paravirtualized environments and, thus, every security mechanism building upon this foundation. On affected systems, Meltdown enables an adversary to read memory of other processes or virtual machines in the cloud without any permissions or privileges, affecting millions of customers and virtually every user of a personal computer. We show that the KAISER defense mechanism for KASLR [8] has the important (but inadvertent) side effect of impeding Meltdown. We stress that KAISER must be deployed immediately to prevent large-scale exploitation of this severe information leakage. https://meltdownattack.com/meltdown.pdf ------------------------------ Message-ID: <cce4c249f84b4b20daf11f4026c6cddb.squirrel@email.fatcow.com> Date: Mon, 8 Jan 2018 02:03:54 -0600 From: "Neal McLain" <nmclain.remove-this@and-this-too.annsgarden.com> Subject: Re: Colorado city beats cable lobby, moves ahead ... On Saturday, January 6, 2018 at 10:11:25 PM UTC-6, Bill Horne wrote: > After beating cable lobby, Colorado city moves ahead with > muni broadband. Fort Collins plans universal broadband, > net neutrality, and gigabit speeds. > https://arstechnica.com/tech-policy/2018/01/colorado-city-to-build-fiber-broadband-network-with-net-neutrality/ This article, like numerous other articles about municipal broadband, fails to mention an important fact: City of Fort Collins already operates its own electric power utility. Thus, it already owns (or has easements for) the rights-of-way, the physical infrastructure (poles, ducts, manholes, towers, buildings), and the administrative infrastructure (customer service, billing, vehicle administration, personnel administration, state sales tax exemption, lines of credit or other means of financing capital projects). It already has employees dedicated to operating, maintaining and extending the infrastructure. And, most significantly, as a municipal corporation it does not have to generate a profit. All of these factors make it possible for a city or a county to finance, build and operate a broadband network at lower cost than a for-profit corporation. Fort Collins Utilities certainly isn't unique. Numerous municipalities that own electric power utilities have added fiber broadband networks to their existing electricity distribution infrastructure. Perhaps the best known example is Electric Power Board of Chattanooga, owned by the City of Chattanooga, Tennessee. EPB owns and operates the electric power network and has overlaid a fiber communications network on the power distribution network. https://tinyurl.com/EPB-Tennessee Some cities operate their own cable TV networks in addition to electric power utilities. Wayandotte, Michigan and Jackson, Minnesota are examples. These cities already had the infrastructure for internet- over-coax even before they overlaid fiber networks. Wayandotte now operates its own fiber network as part of its telecommunications utility. http://www.wyan.org/Our-History.aspx Jackson is now a member of the Southwest Minnesota Broadband Services network, an organization that provides cable TV and broadband internet- over-fiber to eight cities in southwest Minnesota, including Jackson. https://tinyurl.com/SWMBS Back in 1990s, before I retired and moved to Texas, I worked for a company that provided technical consulting services to cable TV companies. City of Jackson was one of our clients. I spent many days in Jackson, assisting them with their city-owned cable TV network. Jackson's cable TV operation was part of the public works department, the same department that ran electric power distribution, water distribution, sanitary sewers, storm sewers, roads, streets, and bridges. I was struck by the way in which the cable TV operation was so closely integrated into the department. The department's employees all wore the same uniforms, all belonged to the same union local, all drove identical city-owned service vehicles, and all met for coffee in the warehouse every morning. The warehouse reflected this close integration: cable TV amplifiers shared space with water meters, electric meters, water valves, traffic signals, power insulators, tower lights, streetlights, stop signs, pole hardware, and I don't recall what else. The outdoor storage yard was a similar melange: rolls of power cables, rolls of coax cables, sewer grates, fire hydrants, poles, pole crossarms, more signs, all neatly arranged in rows. Neal McLain ------------------------------ ********************************************* End of telecom Digest Tue, 09 Jan 2018

Telecom Digest Archives