|=------------------------------------------------------------------------------------------------=|

 ########  ######## ########  ######   #######  ##    ##    ########   #######  ##     ## ######## 
 ##     ## ##       ##       ##    ## ##     ## ###   ##    ##     ## ##     ## ###   ### ##       
 ##     ## ##       ##       ##       ##     ## ####  ##    ##     ## ##     ## #### #### ##       
 ##     ## ######   ######   ##       ##     ## ## ## ##    ########  ##     ## ## ### ## ######   
 ##     ## ##       ##       ##       ##     ## ##  ####    ##   ##   ##     ## ##     ## ##       
 ##     ## ##       ##       ##    ## ##     ## ##   ###    ##    ##  ##     ## ##     ## ##       
 ########  ######## ##        ######   #######  ##    ##    ##     ##  #######  ##     ## ######## 
 
|=------------------------------------------------------------------------------------------------=|

                                 DEF CON group 11396 @ Rome, Italy
                                
                               [Main] [Meetings] [Posts] [Projects] 


|=--------------------------------------=[ February 2019 ]=---------------------------------------=|

by malweisse
This is the 5th meeting of the DEF CON group. Date and location: February 22th from 5 p.m. to 7 p.m. in the B2 room at the Department of Computer, Control, and Management Engineering (DIAG) Antonio Ruberti at Sapienza University of Rome. The schedule is: ---[ Transient Execution Attacks explained to your Grandma, by anticlockwise We will dive into how modern processor optimizations such as branch prediction and out-of-order execution may lead to leak of secrets through the CPU’s microarchitectural state. Numerous attacks have been proposed, and we will give an overview of the state of the art of these techniques. Slides link: https://docs.google.com/presentation/d/1DylZk40ixblYL1y1xq4rmz1qu_wn1TpRAeiBo3D9DbQ/edit?usp=sharing ---[ Foreshadow-VMM: Breaking Virtual Machines Isolation, by marcux_95 On August 14, 2018, a new set of vulnerabilities collectively named "L1 terminal fault" were announced. Systems with microprocessors utilizing out-of-order execution could allow unauthorized disclosure of information residing in the L1 data cache, by breaking the virtual memory abstraction. The vulnerability was mentioned for three different scenarios, the most complex one among the three being the "VMM" case of an attacker residing in a Virtual Machine (VM), and targeting information leakage from the host OS and other independent VMs. In the talk, we will analyze the critical aspects of the attack and discuss a possible solution to replicate the attack. Slides link: https://drive.google.com/file/d/1CEPr9Av2DafAe5NH4c6cBV6fGe8pcB9B/view?usp=sharing