(arstechnica.com)
Written By joeo10
2020-06-10T23:55:01Z
The new SGX attacks are known as SGAxe and CrossTalk. Both break into the fortified CPU region using separate side-channel attacks, a class of hack that infers sensitive data by measuring timing differences, power consumption, electromagnetic radiation, sound, or other information from the systems that store it. The assumptions for both attacks are roughly the same. An attacker has already broken the security of the target machine through a software exploit or a malicious virtual machine that compromises the integrity of the system. While that’s a tall bar, it’s precisely the scenario that SGX is supposed to defend against.
Yikes, Intel in trouble with their CPUs again.
New Intel chip flaws disclosed: one can leak secure enclave data and another allows cross core info leakage; both have patches that partially fix the issues