
Show HN: Plundervolt, an SGX fault injection attack against Intel processors - partingshots
https://twitter.com/jovanbulck/status/1204465335891611648
======
java-man
Could this vulnerability be created by design, i.e. by request of you-know-
what agencies?

------
partingshots
tl;dr

This exploit doesn't require local access, and is a software-based attack
similar to Row Hammer. I highly recommend reading the paper that was released
highlighting how the exploit, Plundervolt, works available here
([[https://plundervolt.com/doc/plundervolt.pdf](https://plunder...](https://plundervolt.com/doc/plundervolt.pdf\]\(https://plundervolt.com/doc/plundervolt.pdf\)))
in order to get a better understanding of how it functions.

I wouldn't be surprised if this ends up being one of the most serious security
vulnerabilities found in a hardware processor in quite a while. Effectively
every single modern Intel processor is affected and at risk from this exploit
right now.

