Welcome to Centmin Mod Community
Register Now

Security Hardware Intel Xeon's Data Direct IO (DDIO) Lets Researchers Steal SSH Keystrokes!

Discussion in 'Dedicated server hosting' started by eva2000, Sep 11, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    42,285
    9,554
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,714
    Local Time:
    9:47 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Ouch more potential Intel cpu security vulnerabilities in their Intel Xeon cpu space due to an Intel Xeon Data Direct IO (DDIO) feature which they first launched with Intel Xeon E5 v1 and E7v2

    Looks like more and more of Intel's performance features are getting peeled back and reversed with security vulnerability Kernel patch fixes and advisories to disable certain Intel features i.e. Hyper-threading and now Intel DDIO !
     
    • Informative Informative x 2
  2. Rake-GH

    Rake-GH Premium Member Premium Member

    34
    21
    8
    Jul 29, 2019
    USA
    Ratings:
    +29
    Local Time:
    6:47 AM
    default
    default
    Crazy stuff, but I doubt we'll ever see exploitation the wild. Just like the side channel attacks they keep finding, it's just too obscure to be weaponized. Will be interesting to see if they ever do get seen in the wild. The people who are reversing the CPUs and finding these types of vulns are insane, in a good way (maybe).
     
    • Agree Agree x 1