LinkBack URL
About LinkBacksRead more.'Reverse Meltdown' attack could facilitate the stealing of sensitive data from Intel SGX enclaves.
Read more.'Reverse Meltdown' attack could facilitate the stealing of sensitive data from Intel SGX enclaves.
Oh look another one....
OMG Intel stuff has flaws and is vunerable to people stealing all your datas.
Don't nobody buy Intel stuff ever again.....!!
_______________________________________________________________________
Originally Posted by Mark Tyson
These have been happening for decades, I've never cared for a single one of them. Stroking my i7 980.
It's one thing to extract nominal data from a computer in use via memory/cache, it's another to breach the secure enclave that's meant to be so hidden from the overlying software/kernel and extract its information
severity rating : ..........MEDIUM MEDIUM MEDIUM.
https://www.theregister.co.uk/2020/03/09/amd_sidechannel_leak_report/
nowhere near the same thing. Plus that, minor thought it was, had already been patched before it hit the news. Patched without performance penalty if I've understood.
Here note too though that for trusted OS in controlled environments it is a non-issue. Smugly noting that my i7-870 is the generation before this SGX feature was introduced so hopefully I'm unaffected (for once!)
As said, nowhere near the same thing....
All theoretical attacks though
So there's no point protecting against it until it's exploited in the wild?
I don't ever intend on having a car crash but i still drive safely and buy car insurance.
Reverse Meltdown? Will have to ask the wife about that one....
To be honest I linked the Register article as a little tongue in cheek prod at the AMD fanbois potentially false sense of security and smugness.
I don't claim to be an expert on this by any means. I gave up writing assembly code after the MC68K, when I switched to Intel (around 1990). Apart from some hand patching of 80186 and custom Mitel stuff during overseas telecomms testing I haven't had to go lower than a C compiler for the last 25 years - and I am more than happy about that.
...But, from what I have read, these 'new' vulnerabilities are all variations on the similar theme of a side-channel attack, whereby high resolution timing is used to exploit CPU code prediction mechanisms, defeating access privileges imposed by the CPU. So while the attacks may be different in implementation and result, they [all] exploit a previously neglected attack vector that is potentially present in most all modern CPUs.
Absence of evidence is not evidence of absence. The researchers have proven Intel chips are vulnerable because Intel chips were the target of the research. Whatever the researchers have proved, they have not proven that other manufacturers are impervious to similarly crafted attacks.
Is there such a thing as a trusted OS? The point about these new side-channel attacks is they highlight that process and memory separation at the OS layer are 'virtual' features that do not survive the physical transition to silicone.Here note too though that for trusted OS in controlled environments it is a non-issue. Smugly noting that my i7-870 is the generation before this SGX feature was introduced so hopefully I'm unaffected (for once!)
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
