How do security researchers manage to find stuff like this? Do they just run some sort of fuzzer until something interesting happens and then try to reproduce it? Do they scan Intel manuals from top to bottom and are intelligent enough to read vulnerabilities between the lines? I am incredibly fascinated by this stuff, but reading things like:
> The hardware interfaces to adjust the voltage (Section 2.2) are undocumented. To use them, we had to rely on third-party reverse-engineered partial documentation and piece it together to develop a real-world setup running on our systems, which required substantial effort on our part.
is so strange to me. I have no idea how people manage to, or even decide to, take on tasks like that. I have trouble finding that sort of stuff even when I know exactly what I'm looking for.
Usually they read a lot, have a general idea of how things might be organized and where vulnerabilities might lie, and then they try a bunch of things to see what works.
Is there a good site or journal that specializes in these things, other than occasionally getting aggregated to HN or Reddit? I'm always intrigued by processor-level exploits, especially more obscure ones like this.