1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Arm hardware security systems might not be as tough as it thinks

    From TechnologyDaily@1337:1/100 to All on Tue Jun 18 15:00:05 2024
    Arm hardware security systems might not be as tough as it thinks

    Date:
    Tue, 18 Jun 2024 14:45:26 +0000

    Description:
    Recently introduced Arm security feature can be bypassed to steal
    confidential data, researchers claim.

    FULL STORY ======================================================================

    New research has detailed a novel way to bypass a security feature built into ARM chips.

    A team of cybersecurity researchers from Samsung, Seoul National University, and the Georgia Institute of Technology, named the new approach TIKTAG, since it works around the Memory Tagging Extension (MTE) tool.

    Apparently, the success rate of the method is 95%, and it works rather quickly. The researchers were successful on both Linux and Chrome kernels, it was added. High success rate

    Memory Tagging Extension (MTE) is a hardware security feature designed to improve memory safety by detecting and preventing common types of memory-related errors in software (think buffer overflows, use-after-free,
    and similar).

    It was introduced in ARM v8.5-A, and is apparently quite relevant for operating systems, browsers, and other large applications where memory safety bugs can result in data leakage.

    It works by assigning small tags to memory chunks. By making sure the tag matches the accessed memory region, MTE essentially protects against memory corruption. However, through speculative execution, the researchers managed
    to leak MTE memory tags, with quite a good success rate, too.

    The team reported their findings to ARM and Google in late 2023 and,
    according to BleepingComputer , received positive responses but no immediate fixes.

    "As Allocation Tags are not expected to be a secret to software in the
    address space, a speculative mechanism that reveals the correct tag value is not considered a compromise of the principles of the architecture," ARM said. Google said something in a similar vein, stating that the V8 sandbox never guaranteed the confidentiality of memory data and MTE tags.

    The research paper suggests a series of mitigations, which include modifying hardware design, inserting speculation barriers, adding padding instructions, and more. You can read the full list on this link . More from TechRadar Pro ARM warns Mali GPUs are being attacked so patch now Here's a list of the
    best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/arm-hardware-security-systems-might-not -be-as-tough-as-it-thinks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)