Cloud VM Vulnerability - Stealing from Cache

Cloud has been the buzz for several years now: cloud servers, distributed networking, automatic redundancy, and all the other stuff promoted with the adoption of "Cloud." But there really is no cloud. To us, it's just marketing lingo. The underlying technologies used to implement "cloud" have been around for a long time; they are system administrator and network engineer domain technologies. To us, the cloud is just another rack of servers managed by someone else. To us, it's just somebody else's computer.

You can immediately tell that we were never fans of "cloud," and when one needs a server resource our recommendation is always to set up your own local and private server for development, get a VPS, or rent a dedicated server. These are still vulnerable, but in several respects more manageable.

In an Internet Safety talk presented this February at Cebu City Capitol for Break the Silence, the speaker brazenly shut down a well-meaning suggestion from the audience that simply using a browser's private or incognito mode will make online shopping safer. The speaker pointed out that a cache is still present: the memory address is simply not available to the browser or consumer applications, and a digital forensic tool (subject to the skill and understanding of the practitioner) can easily retrieve the data. That of course involves physical access to the device, but the speaker was nevertheless correct and pointing in the right direction.

This month, researchers disclosed that one can steal data from two cloud-based VMs in the paper "Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud," which cites "A Placement Vulnerability Study in Multi-Tenant Public Clouds" as a reference. It affects Amazon, Google and Azure. No physical access required.

Implementing this is currently not trivial. But it's entirely possible that it will only be a matter of time before those who are not so concerned about network security relax some requirements in their implementation, and you'll find your data being retrieved from cache.
