Joanna Rutkowska @rootkovska
@rhymebyter @Apple Doesn't help with booting your laptop from a special USB drive which then reads all the memory.… https://t.co/EOSLE6NT9Q — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex BTW, have you checked coreboot? — PolitiTweet.org
Joanna Rutkowska @rootkovska
More targeted users should consider more sophisticated "unexpected-(re)boot altering" systems, than the simple S3+tboot, though. — PolitiTweet.org
Joanna Rutkowska @rootkovska
One such anti-coldboot prevention might be tboot. When abrupt shutdown, chipset cuts access to DRAM until scrubbed. https://t.co/VTOoDAVCQD — PolitiTweet.org
Joanna Rutkowska @rootkovska
BTW, the simplest AEM solution is not to shutdown your laptop, keep in sleep/locked. Should be paired with anti-col… https://t.co/Pjt21BxW2P — PolitiTweet.org
Joanna Rutkowska @rootkovska
Needs evil device plugged on reboot. Preventable by AntiEM solutions which warn about unexpected reboots. Thx… https://t.co/Br4DEGKaA9
Joanna Rutkowska @rootkovska
Needs evil device plugged on reboot. Preventable by AntiEM solutions which warn about unexpected reboots. Thx… https://t.co/Br4DEGKaA9 — PolitiTweet.org
Dmytro Oleksiuk @d_olex
Rogue PCI-E/FireWire/Thunderbolt/etc. device can exploit platform firmware vulns to execute arbitrary System Manage… https://t.co/E0KzCRJr2L
Joanna Rutkowska @rootkovska
@d_olex Any device which sticks out from my laptop? :) The Intel integrated devices I need to trust anyway today, they can do mucho damage. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex By making sure no suspicious devices connect to my laptop during reboot? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex So proper solution: don't shutdown your system, use tboot to prevent simple coldboot, if system rebooted, d… https://t.co/Pf3ShWc4zt — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex Wrong link. An Anti Evil Maid-like defense which detects unintended system reboot I meant. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex Or Anti Evil Maid-like defense? https://t.co/hMVR6Y14uc — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex IOW, it's a more sophisticated way to implement Evil Maid attack, and all Anti-EM approaches prevent the attack also, correct? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@d_olex I see, but that requires the attacker to reboot your system, and then wait for you to log back in, right? — PolitiTweet.org
Joanna Rutkowska @rootkovska
#InfosecProblems https://t.co/S1nYGVnQqF — PolitiTweet.org
Matt "Swish" Suiche @ RSA @msuiche
My presentation on (with?) @shadowbrokerss is at the same time as @mikko @justinembone @WeldPond and @TalBeerySec - https://t.co/EaJNR1CG5s
Joanna Rutkowska @rootkovska
@d_olex AFAIU, if the system uses IOMMU, this protects against the attack, right? — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @thegrugq: Compartmentation, the foundation on which solid security is built. A timeless lesson... https://t.co/TgtP59qZjf — PolitiTweet.org
Joanna Rutkowska @rootkovska
And the other two to @tehjh, congrats all! :) https://t.co/ltQKJOPbgI — PolitiTweet.org
Jann Horn @tehjh
of the 10 Xen security bugs released today, 8 are credited to Xen project members (afaics). seems like a good sign
Joanna Rutkowska @rootkovska
RT @QubesOS: Qubes Security Bulletin #31: Several Xen bugs, practical impact unclear (XSA 216-224): https://t.co/l2ZjcCOGRf — PolitiTweet.org
Joanna Rutkowska @rootkovska
Technical write-up on the #StackClash vuln by @qualys that everybody's talking now: https://t.co/gQfJIr74E7 — PolitiTweet.org
Joanna Rutkowska @rootkovska
@homakov @QubesOS @OpenTechFund The number looks to be accurate.. unbelievable! — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @qualys: The Stack Clash: vulnerability in memory management of Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 & amd64 https://t.c… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @kennwhite: Security protip: when skimming long/complex bug reports, do a quick search for "unfortunately" or "surprisingly". — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @fmarmond: we recently had a discussion about US vs EU innovation funding (esp. for "cyber" world) with @halvarflake and others. DARPA c… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Yup. Just like... the Internet. And most computer technologies... ;) https://t.co/IHafSCuM0G — PolitiTweet.org
fl0_id 🚟 @windrush
@rootkovska @QubesOS @OpenTechFund I guess so commentators can be like 'It was funded by US so it must be suspicious' (see other projects)
Joanna Rutkowska @rootkovska
@QubesOS I really find it awkward that @QubesOS got over $500k funding from the US government (via @OpenTechFund) and ZERO from the EU :( — PolitiTweet.org
Joanna Rutkowska @rootkovska
Right... and yet ITL/@QubesOS got repeatedly turned down by EU funding initiatives :/ https://t.co/q9jlMPEuVN — PolitiTweet.org
Marnix Dekker @marnixdekker
@SteveEnisa @enisa_eu @UdoEnisa Indeed. @rootkovska for example runs a great SME which developed a European open so… https://t.co/rKHk3DHwr6
Joanna Rutkowska @rootkovska
(SGX) Remote Attestation is just like Bitcoin: The first five times you think you understand it, you don’t! (as @dakami once put it ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
So, additional (beyond simple SGX SDK) efforts are required to design an SGX-based system to limit its vulnerabilities to such attacks. — PolitiTweet.org
Joanna Rutkowska @rootkovska
Correct. Most ppl tend to think that RA can tell apart instances of the same SGX enclave (hash-wise) running on dif… https://t.co/9B0kdmG551 — PolitiTweet.org
Matthew Green @matthew_d_green
@octal @pzb So if people write software to trust any SGX instance that can attest, you can potentially do a lot of damage with one instance.
Joanna Rutkowska @rootkovska
@XenoKovah For many XSAs it's v. difficult to evaluate actual impact b/c of Xen uniqueness. Xen Team thus, correctl… https://t.co/TGC59lEa2K — PolitiTweet.org