solipsist comments on How to escape from your sandbox and from your hardware host - Less Wrong

28 Post author: PhilGoetz 31 July 2015 05:26PM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Article Navigation

Comments (28)
Tags: ai

Comments (28)

You are viewing a single comment's thread. Show more comments above.

Comment author: jimrandomh 01 August 2015 04:30:15PM *  4 points [-]

This does indeed defeat operating system privilege-model based sandboxing, and might also defeat software virtualization-based sandboxing (no PoC).

This is why I advocate, when superintelligence seems near, the use of overlapping, qualitatively dissimilar sandboxing mechanisms. Rowhammer does not defeat language semantics-based sandboxing mechanisms, because it requires settings up an anomalous instruction stream, with a very high density of cache-flush instructions; an AI could only do that if it had the ability to create and run new code for itself, bypassing your compiler. Nor does it defeat network-topology based sandboxing mechanisms. In addition to that, RowHammer takes a long time and leaves evidence in hardware counters; a properly-engineered containment system would shut down its contents as soon as the attack started.

Comment author: solipsist 01 August 2015 07:11:00PM 1 point [-]

What's a network topology based sandboxing mechanism?

Comment author: jimrandomh 01 August 2015 10:21:03PM 6 points [-]

A fancy way of saying "don't have a wire or path of wires leading to the internet".

Comment author: Autolykos 05 August 2015 09:31:37AM 4 points [-]

While air gaps are probably the closest thing to actual computer security I can imagine, even that didn't work out so well for the guys at Natanz... And once you have systems on both sides of the air gap infected, you can even use esoteric techniques like ultrasound from the internal speaker to open up a low bandwith connection to the outside.

Comment author: DanArmak 05 August 2015 12:01:59PM 4 points [-]

Even if you don't have systems on the far side of the air gap infected, you can still e.g. steal private keys from their CPUs by analyzing EM or acoustic leakage. So in addition to an air gap, you need an EM gap (Faraday cage) and an acoustic gap (a room soundproofed for all the right frequencies).

In general, any physical channel that leaks information might be exploited.

Powered by Reddit Powered by Reddit