360 research outputs found
J.R.R. Tolkien and George MacDonald
Traces moral, religious, and creative parallels between MacDonald and Tolkien. Finds that Christianity gives Tolkienâs work âa firm structure and objectivityâ as opposed to the âfervent but rather formless spiritualityâ due to MacDonaldâs romanticism
Reviews
Unfinished Tales of Numenor and Middle-earth. J. R. R. Tolkien. Ed. by Christopher Tolkien. Reviewed by Paul H. Kocher.
The Achievement of C.S. Lewis. Thomas Howard. Reviewed by Nancy-Lou Patterson.
The Silmarillion. J.R.R. Tolkien. Ed. by Christopher Tolkien. Reviewed by Thomas M. Egan
ret2spec: Speculative Execution Using Return Stack Buffers
Speculative execution is an optimization technique that has been part of CPUs
for over a decade. It predicts the outcome and target of branch instructions to
avoid stalling the execution pipeline. However, until recently, the security
implications of speculative code execution have not been studied.
In this paper, we investigate a special type of branch predictor that is
responsible for predicting return addresses. To the best of our knowledge, we
are the first to study return address predictors and their consequences for the
security of modern software. In our work, we show how return stack buffers
(RSBs), the core unit of return address predictors, can be used to trigger
misspeculations. Based on this knowledge, we propose two new attack variants
using RSBs that give attackers similar capabilities as the documented Spectre
attacks. We show how local attackers can gain arbitrary speculative code
execution across processes, e.g., to leak passwords another user enters on a
shared system. Our evaluation showed that the recent Spectre countermeasures
deployed in operating systems can also cover such RSB-based cross-process
attacks. Yet we then demonstrate that attackers can trigger misspeculation in
JIT environments in order to leak arbitrary memory content of browser
processes. Reading outside the sandboxed memory region with JIT-compiled code
is still possible with 80\% accuracy on average.Comment: Updating to the cam-ready version and adding reference to the
original pape
A latent variable approach to potential outcomes for emergency department admission decisions
Peer Reviewedhttps://deepblue.lib.umich.edu/bitstream/2027.42/151329/1/sim8210.pdfhttps://deepblue.lib.umich.edu/bitstream/2027.42/151329/2/sim8210_am.pd
Adding Salt to Pepper: A Structured Security Assessment over a Humanoid Robot
The rise of connectivity, digitalization, robotics, and artificial
intelligence (AI) is rapidly changing our society and shaping its future
development. During this technological and societal revolution, security has
been persistently neglected, yet a hacked robot can act as an insider threat in
organizations, industries, public spaces, and private homes. In this paper, we
perform a structured security assessment of Pepper, a commercial humanoid
robot. Our analysis, composed by an automated and a manual part, points out a
relevant number of security flaws that can be used to take over and command the
robot. Furthermore, we suggest how these issues could be fixed, thus, avoided
in the future. The very final aim of this work is to push the rise of the
security level of IoT products before they are sold on the public market.Comment: 8 pages, 3 figures, 4 table
Far Field EM Side-Channel Attack on AES Using Deep Learning
We present the first deep learning-based side-channel attack on AES-128 using far field electromagnetic emissions as a side channel. Our neural networks are trained on traces captured from five different Bluetooth devices at five different distances to target and tested on four other Bluetooth devices. We can recover the key from less than 10K traces captured in an office environment at 15 m distance to target even if the measurement for each encryption is taken only once. Previous template attacks required multiple repetitions of the same encryption. For the case of 1K repetitions, we need less than 400 traces on average at 15 m distance to target. This improves the template attack presented at CHES\u272020 which requires 5K traces and key enumeration up to
SMoTherSpectre: exploiting speculative execution through port contention
Spectre, Meltdown, and related attacks have demonstrated that kernels,
hypervisors, trusted execution environments, and browsers are prone to
information disclosure through micro-architectural weaknesses. However, it
remains unclear as to what extent other applications, in particular those that
do not load attacker-provided code, may be impacted. It also remains unclear as
to what extent these attacks are reliant on cache-based side channels.
We introduce SMoTherSpectre, a speculative code-reuse attack that leverages
port-contention in simultaneously multi-threaded processors (SMoTher) as a side
channel to leak information from a victim process. SMoTher is a fine-grained
side channel that detects contention based on a single victim instruction. To
discover real-world gadgets, we describe a methodology and build a tool that
locates SMoTher-gadgets in popular libraries. In an evaluation on glibc, we
found hundreds of gadgets that can be used to leak information. Finally, we
demonstrate proof-of-concept attacks against the OpenSSH server, creating
oracles for determining four host key bits, and against an application
performing encryption using the OpenSSL library, creating an oracle which can
differentiate a bit of the plaintext through gadgets in libcrypto and glibc
- âŠ