Some of Our Sources
- BoingBoing
- Engadget
- The Logo Smith
- You The Designer
- Fuel Your Creativity
- Naldz Graphics
- Reencoded
- Design Modo
- Willems Lab
- Hashedout
Help Webnuz
Referal links:
August 14, 2016 06:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-i1I__00Tto/researchers-warn-linux-vendors-about-cloud-memory-hacking-trick
Researchers Warn Linux Vendors About Cloud-Memory Hacking Trick
An anonymous Slashdot reader writes:Hacking researchers have uncovered a new attack technique which can alter the memory of virtual machines in the cloud. The team, based at Vrije Universiteit, Amsterdam, introduced the attack, dubbed Flip Feng Shui (FFS)...and explained that hackers could use the technique to crack the keys of secured VMs or install malicious code without it being noticed... Using FFS, the attacker rents a VM on the same host as their chosen victim. They then write a memory page which they know exists on the vulnerable memory location and let it de-duplicate. The identical pages, with the same information, will merge in order to save capacity and be stored in the same part of memory of the physical computer. This allows the hacker to change information in the general memory of the computer. The researchers demonstrated two attacks on Debian and Ubuntu systems -- flipping a bit to change a victim's RSA public key, and installing a software package infected with malware by altering a URL used by apt-get. "Debian, Ubuntu and other companies involved in the research were notified before the paper was published, and have all responded to the issue."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-i1I__00Tto/researchers-warn-linux-vendors-about-cloud-memory-hacking-trick
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot