Patrick Schleizer: > A number of advanced deanonymization attacks. These do not just apply to > Whonix, but any anonymity system. Some are also general security issues. > > Rather than exploiting bugs in the hypervisor to break out, some of > these attacks rely on the design of the underlying hardware to bypass > privilege separation boundaries and extract (or leak) sensitive > information to the network. No need for alarm, there are many > qualifications to this and details in the listed tickets on proposed > countermeasures. We are interested in cooperation to better assess the > performance impact of the planned fixes. > > - Keystroke Deanonymization: [1] > > - Advanced Attacks Meta ticket: [2] > > -- CPU-induced latency Covert Channel: [3] > > -- Cross-VM cache attacks countermeasures: [4] > > -- DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks: [5] > > -- TCP ISNs and Temperature induced clock skews: [6] > > Cheers, > Patrick > > [1] https://phabricator.whonix.org/T5421 > [2] https://phabricator.whonix.org/T5401
Link correction: https://phabricator.whonix.org/T542 https://phabricator.whonix.org/T540 > [3] https://phabricator.whonix.org/T530 > [4] https://phabricator.whonix.org/T539 > [5] https://phabricator.whonix.org/T541 > [6] https://phabricator.whonix.org/T543 > -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
