vegeta@lemmy.world to Technology@lemmy.worldEnglish · 3 days agoHackers can steal 2FA codes and private messages from Android phonesarstechnica.comexternal-linkmessage-square50fedilinkarrow-up1242arrow-down115cross-posted to: technology@beehaw.org
arrow-up1227arrow-down1external-linkHackers can steal 2FA codes and private messages from Android phonesarstechnica.comvegeta@lemmy.world to Technology@lemmy.worldEnglish · 3 days agomessage-square50fedilinkcross-posted to: technology@beehaw.org
minus-squareA Basil Plant@lemmy.worldlinkfedilinkEnglisharrow-up7·edit-22 days agoYou can implement a counting-thread that’s even more precise than the CPU’s timer (TSC on x86) platforms. This was shown in attacks on Intel SGX, where the rdtsc instruction to access the time-stamp counter is unavailable. https://link.springer.com/chapter/10.1007/978-3-319-60876-1_1 https://arxiv.org/pdf/1702.08719 If you remove access to the timer, attackers will simply build one.
You can implement a counting-thread that’s even more precise than the CPU’s timer (TSC on x86) platforms. This was shown in attacks on Intel SGX, where the rdtsc instruction to access the time-stamp counter is unavailable.
https://link.springer.com/chapter/10.1007/978-3-319-60876-1_1
https://arxiv.org/pdf/1702.08719
If you remove access to the timer, attackers will simply build one.