Hackers’ New Favorite Trick: TIKTAG Attack Outsmarts ARM’s Memory Protection

A new speculative execution attack, TIKTAG, targets ARM’s Memory Tagging Extension (MTE), achieving over 95% success in leaking data. The attack undermines MTE protections, affecting systems like Google Chrome and the Linux kernel. Despite the severity, immediate fixes are yet to be implemented.

Hot Take:

When even your fancy security features need security features, you know we’re in 2023! ARM’s Memory Tagging Extension (MTE) was supposed to be the knight in shining armor for memory corruption, but it turns out, even knights have their Achilles’ heels. Enter TIKTAG, the attack that gives hackers a 95% chance of making your “secure” memory look like Swiss cheese.

Key Points:

  • New speculative execution attack named “TIKTAG” targets ARM’s Memory Tagging Extension (MTE).
  • Research conducted by experts from Samsung, Seoul National University, and Georgia Tech.
  • Two versions of the attack, TIKTAG-v1 and TIKTAG-v2, demonstrated on Linux kernel and Google Chrome’s V8 engine.
  • Leaking MTE tags doesn’t directly expose sensitive data but undermines MTE’s protection against memory corruption.
  • Industry responses include proposed hardware changes and software mitigations, but no immediate fixes.
