Discover Centmin Mod today
Register Now

Security Hardware Intel Xeon's Data Direct IO (DDIO) Lets Researchers Steal SSH Keystrokes!

Discussion in 'Dedicated server hosting' started by eva2000, Sep 11, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    41,349
    9,279
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,236
    Local Time:
    4:31 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Ouch more potential Intel cpu security vulnerabilities in their Intel Xeon cpu space due to an Intel Xeon Data Direct IO (DDIO) feature which they first launched with Intel Xeon E5 v1 and E7v2

    Looks like more and more of Intel's performance features are getting peeled back and reversed with security vulnerability Kernel patch fixes and advisories to disable certain Intel features i.e. Hyper-threading and now Intel DDIO !
     
    • Informative Informative x 2
  2. Rake-GH

    Rake-GH Premium Member Premium Member

    30
    16
    8
    Jul 29, 2019
    USA
    Ratings:
    +22
    Local Time:
    2:31 AM
    default
    default
    Crazy stuff, but I doubt we'll ever see exploitation the wild. Just like the side channel attacks they keep finding, it's just too obscure to be weaponized. Will be interesting to see if they ever do get seen in the wild. The people who are reversing the CPUs and finding these types of vulns are insane, in a good way (maybe).
     
    • Agree Agree x 1