Re: [qubes-users] Intel SGX and Spectre
On Sun, February 25, 2018 9:57 pm, taii...@gmx.com wrote:
> SGX is a DRM anti-feature mechanism that prevents people from inspecting
> what runs on their own computer and it enables malware that is immune to
> antivirus programs because it runs in an ME enclave.
>
> https://software.intel.com/en-us/sgx/details
>
> "Hardening DRM for enhanced high definition, 4K ultra high definition
> (UHD) content protection"

That's the part I found amusing. They sold their closed-source, proprietary code running on ME as a "secure" enclave, but there was conjecture on this very list two years ago that it was not and it was proven with the Spectre exploit.

--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cf46f22c78a20e69573f78a63c68ce88.squirrel%40tt3j2x4k5ycaa5zt.onion.
For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel SGX and Spectre
SGX is a DRM anti-feature mechanism that prevents people from inspecting what runs on their own computer and it enables malware that is immune to antivirus programs because it runs in an ME enclave.

https://software.intel.com/en-us/sgx/details

"Hardening DRM for enhanced high definition, 4K ultra high definition (UHD) content protection"
[qubes-users] Intel SGX and Spectre
I found the following humorous:

"there is no credible engineering rationale to support the contention that SGX enclaves will provide confidentiality guarantees in the face of these new micro-architectural cache probing attacks."

https://idfusionllc.com/2018/01/25/sgx-after-spectre-and-meltdown-status-analysis-and-remediations/

And in a post here from June 28, 2016:

"VM CPU mapping - countermeasurements against covert channels via cpu caches?"

"With SGX, the memory is encrypted so that it cannot be "read", however, the CPU still does calculations of an SGX enclave the same way as without them which creates the opportunity for the very same covert channels to form."

https://mail-archive.com/qubes-users@googlegroups.com/msg01200.html