Cyber security news for all

More

    Intel SGX Is Intended To Improve Application Security

    SGX has been in a number of Intel processors since the Skylake architecture is mainly used in cloud data centers to protect crypto operations. It is also used less frequently on desktop computers to decode videos protected with DRM.

    A Box In The Processor

    With SGX, programs can load code into a protected memory area of the system, which is managed by the Intel processor itself. After provisioning such an enclave, code running on the system can no longer look into it and can no longer change the software there. Even privileged system processes are prevented by the hardware from reading or even changing the content of the enclave. In addition, a so-called remote attestation server can verify from the network at any time that the code running in the enclave has not been manipulated.

    Intel SGX

    The Launch Control System Can Sign Executable Codes

    The code running within the enclave is subject to severe restrictions. For example, it must not make any system calls; the rest of the application connected to the enclave via the driver must do this. Once the enclave is set up, the content is protected from the rest of the system so that no data that should be kept secret.

    For a long time, code that should run in SGX’s normal operating mode had to be signed with an Intel-certified developer key. Otherwise the processor did not execute it. Intel places very high security requirements on companies that use such keys and want to program SGX code. However, the second version of the architecture allows the so-called launch control, in which it is no longer Intel, but the system administrator who determines who can sign executable code.

    The attack is extremely complicated and is therefore probably only suitable for very specific, targeted attacks. For example, if there is an exploit that is worth a lot and that the attacker wants to hide from the rest of the world for as long as possible. So far there are no software updates that protect against the postulated attacks. However, the SGX functions can be switched off in the BIOS on all systems that use them. So far, this seems to be the only effective protection against such an attack.

    Recent Articles

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Vodafone experiences a vulnerability with fatal effects

    The injected JavaScript can access the session cookies from Vodafone website and send them to a server. An attacker can take over the session...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox