NSA Updated Guidance on Side Channel Vulnerabilities

Re: https://firmwaresecurity.com/2019/01/28/nsa-hardware-and-firmware-security-guidance-updated/

In addition to the Markdown-based documents on Github, NSA has an updated PDF on side channel attacks, mentioned in this US-CERT announcement:

https://www.us-cert.gov/ncas/current-activity/2019/02/01/NSA-Releases-Updated-Guidance-Side-Channel-Vulnerabilities

https://www.nsa.gov/Portals/70/documents/what-we-do/cybersecurity/professional-resources/CSA_Updated_Guidance_For_Vulnerabilities_Affecting_Modern_Processors_20190130.pdf?ver=2019-01-30-142631-553

PS: Re: https://firmwaresecurity.com/2019/01/28/nsa-lojax-guidance-incorrectly-still-says-secure-boot-is-a-mitigation/
the NSA updated the Lojax guidance w/r/t Secure Boot: 🙂

https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance/commit/e2a0241cdee446fbd55a3249167a072e1bbcbce7

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s