On Wed, 02 May 2012 09:04:27 +0800 Ed Greshko <Ed.Greshko@xxxxxxxxxxx> wrote: > "Smart cautions, however, that the work of Goldwasser and her > colleagues is unlikely to yield practical applications in the near > future. “In security, and especially cryptography, it takes a long > time to go from an academic idea to something that’s actually used in > the real world,” Smart says. “They’re looking at what could be > possible in 10, 20 years’ time.” > > I'm not going to spend any time on this....and even if I did it would > yield the same results as my speculating on how to improve brain > surgery. :-) :-) > I interpreted that as meaning the defense against the attack was 10 to 20 years out there. The attack has already been demonstrated, from the sound of the article (I did go read the first link, which described attacks targeting cloud servers at least somewhat successfully). Like you, I'm not going to be contributing to this effort. But if Fedora is already immune, it is one less thing to worry about. If it isn't immune, worst case someone could package a useful program that does a side channel attack in addition to its principle function, and calls home at some point with the payload. The principle threat seems to be that it can find passwords because of patterns in encryption algorithms, with no more than legitimate execute permissions. Admittedly, this is a remote possibility in open source. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
