[tor-bugs] #21010 [Applications/Tor Browser Sandbox]: Disable RDTSC/RDTSCP to limit side-channel attacks
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 17 08:29:31 UTC 2016
#21010: Disable RDTSC/RDTSCP to limit side-channel attacks
----------------------------------------------+-------------------------
Reporter: cypherpunks | Owner: yawning
Type: enhancement | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Changes (by yawning):
* priority: Medium => High
Comment:
Yeah, I gave serious thought about disabling this when I was initially
writing the code, primarily to frustrate some of the timing attacks
against ASLR. I'll definitely look into this when I have a moment, but
this week has been dealing with all of the dumb bugs I had in the code
that got shipped, and I still have the update logic rewrite to do at a
minimum.
Bumping the priority up to high, because this is important.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21010#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list