So far, the team has found the vulnerability in computers with Intel’s ‘Sandy Bridge’ processors.
OpenSSL works similarly to the encryption packages used by Google Chrome (Boring SSL) and Firefox (Mozilla’s Network Security Service (NSS)), according to TechXplore.
It is used to protect many browsers, and researchers now say it is vulnerable to timing attacks.
The bug was discovered by Dr. Yuval Yarom, Research Associate at the University of Adelaide’s School of Computer Science, Daniel Genkin of Tel Aviv University and Dr Nadia Heninger of the University of Pennsylvania.
Through this vulnerability, the researchers were able to ‘listen in’ on the software, measuring highly sensitive changes in the computer’s timing down to less than one nanosecond. For the full article click here
from hacker samurai http://ift.tt/1QuyKkO
via IFTTT
No comments:
Post a Comment