So...
to run this, you have to gain access to a DC, then to the rack, then to a server, shut it down, open it up, power it back up. And all this without anyone noticing?
Right. Got it.
Computer scientists from UC Berkeley, Texas A&M, and semiconductor biz SK Hynix have found a way to defeat secure enclave protections by observing memory requests from a CPU to off-chip DRAM through the memory bus. In a paper [PDF] titled, "An Off-Chip Attack on Hardware Enclaves via the Memory Bus," slated for inclusion in …
Let me see if I understand; they're saying that by sniffing the system bus, you can see goings on in a secure enclave communicating over said bus. In other news: water wet, sky blue, all this and more tonight on 60 minutes!
I thought that the whole point of a secure enclave is that it is usually on-die to prevent sensitive signals being routed over the PCB? This is essentially the mistake Microsoft made with the original Xbox many, many years ago; it's nothing new.
That's unfortunately not how secure enclaves are designed. They are supposed to allow application software to run code that not even the operating system, hypervisor, or administrator can access, using attestation to prove there has been no meddling.
Said code is things like DRM (on client machines) or sensitive stuff on cloud machines (when you don't want the remote server host snooping on you).
C.
If you need an interposer between the DIMM and the socket, given that today's premium phones stack the DRAM and SoC in a single package using TSVs. While I'm sure it is technically possible to take that apart and re-layer it with a custom designed interposer that matches the TSVs, that's probably nation state level capability.
The technology to build those chip stacks that layered DRAM and SoCs was only developed this decade, and only practiced by a handful of companies. It would probably cost tens of millions if not more to develop this attack, be somewhat model-specific (you may need four different custom interposers for say Galaxy S10, iPhone XS, Pixel 4, iPhone 11) and wouldn't ever be anything you could do "out in the field" - you'd have to steal someone's phone and send it to a special facility.
Seems like the only way it could work is to swap the target's phone with one that's already been 'customised'. Which presents its own set of problems (matching the condition (markings, dirt, smears etc.), cloning the contents, cloning the sim etc.) all in short enough order the target wouldn't have time to notice. And you'd do it not to gain access to what's currently on the phone necessarily (since you've already cloned its content), but future content or secure operations.
So Hollywood-level spying: makes for a reasonable plot line, but not real life.
I'm not losing sleep over it. In fact, I'm very pleased at this, because it's a possible means of increasing the security of my computer because it means that software won't be able to force my machine to keep secrets from me.