Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> download random programs onto their computers and run them at random

To be clear that includes what we're all doing by downloading and running Javascript to read HN.

Maybe I can say "don't run adversarial code on my same CPU" and only care about over-the-network CPU side-channels (of which there are still some), because I write Go crypto, but it doesn't sound like something my colleagues writing browser code can do.



Speak for yourself; I've got JavaScript disabled on news.ycombinator.com and it works just fine.


Is this exploitable through JavaScript?

In general from what I've seen, most of these JS-based CPU exploits didn't strike me as all that practical in real world conditions. I mean, it is a problem, but not really all that worrying.


> Is this exploitable through JavaScript?

Why wouldn't it be?


How is JavaScript going to run a chosen-input attack against one of your cores for an hour?


If you leave a tab open that's running that JS..


Because JS/html provides APIs to perform cryptography(I can't recall whether the cryptography specs are part of ES or HTML/DOM) - if you try to implement constant time cryptography in JS you will run into a world of hurt due to the entire concept of "fast JS" being dependent on heavy speculation, and lots of exciting variations in timing of even "primitive" operations.


No, the attack would be implemented in JS, not the victim code (though, that too, but that's not what's interesting here).


Ah, you’re concerned about person using js to execute the side channel portion of the attack, not the bit creating the side channel :)


FYI malicious JS executing in victim users' browsers is a huge concern. All sorts of vulnerabilities can be exploited via JS in this way -- every local side-channel like Spectre/Meltdown, worse things like Row Hammer, etc.


Unfortunately somebody has tricked users to leaving JavaScript on for every site, it is a really bad situation.


Security and utility are in opposing balances often. The safest possible computer is one buried far underground without any cables in a faraday cage. Not very useful.

> We’re not inserting the security community into that loop and slowing things down just so people can download random programs onto their computers and run them at random. That’s just a stupid thing to do, there’s no way to make it safe, and there never will be.

Setting aside JavaScript, you can see this today with cloud computers which have largely displaced private clouds. These run untrusted code on shared computers. Fundamentally that’s what they’re doing because that’s what you need for economies of scale, durability, availability, etc. So figuring out a way to run untrusted code on another machine safely is fundamentally a desirable goal. That’s why people are trying to do homomorphic encryption - so that the “safely” part can go both ways and both the HW owner and the “untrusted” SW don’t need to trust each other to execute said code.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: