![]() ![]() ![]() In this case, the researchers leveraged the information exposed by the Dynamic Voltage and Frequency Scaling (DVFS) mechanism that is present on nearly all modern chips. ![]() The researchers' paper, 'Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and Arm SoCs ,' demonstrates using a side-channel attack, which is a type of attack that allows exfiltrating data by measuring certain physical emissions of a computer. However, the researchers note that further work could speed up the process, and this is typically how a broad class of attacks begin to be exploited - a proof of concept proving that the tactic works, and then rapid acceleration by other researchers and/or nefarious actors. The researchers' current attack methods serve as a proof of concept, but luckily data exfiltration rates are very low with the current method, and if a user had direct access to the system, such as required here, they would likely target easier attack surfaces. In this manner, an unprivileged user could gain access to privileged data. The attack requires data from the PC's internal power, temp, and frequency sensors, but this information can be accessed from local user accounts that don't have administrator access. A team of security researchers funded in part by DARPA and the US Air Force has demonstrated tactics that allowed them to steal data from Arm CPUs from Apple and Qualcomm, and also from discrete GPUs from Nvidia and AMD and integrated graphics in Intel and Apple chips, by monitoring chip temperature, power, and frequency during normal operation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |