Plundervolt: Corrupt the integrity of Intel SGX by controlling the voltage

  • Plundervolt is an undervolting attack in the same class as CLKScrew and VoltJockey, executed against SGX enclaves.
  • This is because the undervolting interface is only accessible with root privileges in the untrusted operating system. It would not make sense to attack software with undervolting when you are already root, except in the case of SGX, which is designed to protect against a root attacker.
  • No. The undervolting interface is accessible from software, so if a remote attacker can become root in the untrusted OS, she can also mount the Plundervolt attack.
  • If you do use SGX: Intel has released a microcode update that, together with a BIOS update, allows the undervolting interface to be disabled.
  • However, Plundervolt and CLKScrew/VoltJockey are similar in that they all use a privileged power or clock management feature to inject faults into a trusted execution environment.
  • Plundervolt achieves the complementary operation, namely changing values in SGX-protected memory (i.e. it attacks integrity).

