Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

RIDL - Rogue In-Flight Data Load

IEEE via YouTube

Overview

Explore the groundbreaking research on Rogue In-Flight Data Load (RIDL), a new class of speculative execution attacks, presented at the 2019 IEEE Symposium on Security & Privacy. Delve into the vulnerabilities originating from micro-optimizations in commodity processors, particularly Intel, which allow unprivileged attackers to leak arbitrary data across address spaces and privilege boundaries. Understand how RIDL differs from other speculative execution attacks like Spectre, Meltdown, and Foreshadow by exploiting CPU-internal in-flight data without relying on cache or translation data structure states. Examine the worrisome implications of RIDL attacks, including their ability to be implemented from linear execution without invalid page faults, enabling system-wide attacks from unprivileged code. Learn about practical exploits demonstrating RIDL's capability to leak sensitive information from various sources, including victim processes, virtual machines, kernel, SGX, and CPU-internal components. Discover why RIDL bypasses existing software and hardware mitigations, challenging the effectiveness of per-variant, spot mitigation strategies and highlighting the need for more fundamental defenses against emerging speculative execution attacks.

Syllabus

RIDL: Rogue In-Flight Data Load

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of RIDL - Rogue In-Flight Data Load

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.