New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel
Briefly

"The most recent attack, released Tuesday, is known as TEE.fail. It defeats the latest TEE protections from all three chipmakers. The low-cost, low-complexity attack works by placing a small piece of hardware between a single physical memory chip and the motherboard slot it plugs into. It also requires the attacker to compromise the operating system kernel. Once this three-minute attack is completed, Confidential Compute, SEV-SNP, and TDX/SDX can no longer be trusted."
"Trusted execution environments, or TEEs, are everywhere: in blockchain architectures, virtually every cloud service, and computing involving AI, finance, and defense contractors. It's hard to overstate the reliance that entire industries have on three TEEs in particular: Confidential Compute from Nvidia, SEV-SNP from AMD, and SGX and TDX from Intel. All three come with assurances that confidential data and sensitive computing can't be viewed or altered, even if a server has suffered a complete compromise of the operating kernel."
Trusted execution environments (TEEs) from Nvidia, AMD, and Intel underpin many industries, including cloud, blockchain, AI, finance, and defense. TEEs are meant to guarantee that confidential data and execution cannot be viewed or altered even when the operating system kernel is compromised. A set of new physical attacks, including TEE.fail, breaks those guarantees: the attacker inserts inexpensive hardware between a single memory chip and its motherboard slot and also needs control of the OS kernel. TEE.fail completes in about three minutes, defeats protections from all three vendors, works against DDR5 memory, and exposes a gap in the threat model, because chipmakers typically exclude physical attacks from the TEE guarantees they offer.
Read at Ars Technica