Skim Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems to see if it counts as a privacy-breaking side-channel #55
Milestone
Comments
|
This is a really weird threat model: The OS is malicious, but the hypervisor and application running on the OS are not, and you want to defend the application from the OS. |
|
Holy shit this is cool, it uses page faults to monitor which pages of memory are being accessed over time. For example page-granularity view of code execution in FreeType leaks the characters, and they extract text contents that way. If that's possible, unless the code runes too fast, I'm betting it's possible to do this using Flush+Reload. Opened #60. |
|
Done. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No description provided.
The text was updated successfully, but these errors were encountered: