Posts by TheExodus

2 publicly visible posts • joined 14 Nov 2020

Intel's SGX cloud-server security defeated by $30 chip, electrical shenanigans

TheExodus

But who uses BIOS these days? Microcode updates are distributed using the usual update channels for both Windows and Linux.

TheExodus

This is "slightly" exaggerated

The entire point of SGX is to isolate the data and code running inside an enclave from code and data outside of it. Its main purpose is to ensure that secrets in a VM are kept out of reach of someone having control of the VMM; the threat model really doesn't include physical access.

I'm kind of curious if they had code running in the enclave too, or if they just stuck a key in there? I'd imagine that the more you have, and the more that changes, in an enclave the harder it'll be to get a key. These types of attacks aren't really my gig though, so I'm just guessing.