Everyone is talking about the newly-discovered vulnerability in the architecture of a bunch of CPUs. But the vulnerability is to "side-channel attacks" and I didn't know what that was.
So I looked it up. I seems that a side-channel attack requires physical access, so maybe the security threat isn't as dire or widespread as the media is making it out to be. But on the side-channel attack page they mention
rubber-hose cryptanalysis
In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack.
And that's just beautiful.
No comments:
Post a Comment