A number of advanced deanonymization attacks. These do not just apply to Whonix, but any anonymity system. Some are also general security issues.
Rather than exploiting bugs in the hypervisor to break out, some of these attacks rely on the design of the underlying hardware to bypass privilege separation boundaries and extract (or leak) sensitive information to the network. No need for alarm, there are many qualifications to this and details in the listed tickets on proposed countermeasures. We are interested in cooperation to better assess the performance impact of the planned fixes. - Keystroke Deanonymization: [1] - Advanced Attacks Meta ticket: [2] -- CPU-induced latency Covert Channel: [3] -- Cross-VM cache attacks countermeasures: [4] -- DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks: [5] -- TCP ISNs and Temperature induced clock skews: [6] Cheers, Patrick [1] https://phabricator.whonix.org/T5421 [2] https://phabricator.whonix.org/T5401 [3] https://phabricator.whonix.org/T530 [4] https://phabricator.whonix.org/T539 [5] https://phabricator.whonix.org/T541 [6] https://phabricator.whonix.org/T543 -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/223098a5-2d87-d185-c889-db8ed7349998%40riseup.net. For more options, visit https://groups.google.com/d/optout.
