
SGX malware PoC released - hp_officejet
https://github.com/sgxrop/sgxrop
======
kevin_b_er
A better article to look at might be this:
[https://www.theregister.co.uk/2019/02/12/intel_sgx_hacked/](https://www.theregister.co.uk/2019/02/12/intel_sgx_hacked/)

What it boils down to: Intel SGX is for Digital Restrictions Management
software to run "securely" and prevent the user and owner from interfering
with it, as an actively hostile act against ownership.

However, since the SGX enclave is not analyzable by the user by design, since
it is designed to be hostile to the user and owner, malware can easily hide here.
The proof is that they can load malware into the protected SGX area, then
escape the supposed sandbox of SGX to attack the rest of the user's system.
Since SGX software is, again, fundamentally hostile to the user and the owner,
malware can wreak havoc once it gets to play inside the user-hostile workspace
Intel has provided to the copyright cartel.

------
jdsnape
This is the paper which explains the research:
[https://regmedia.co.uk/2019/02/12/sgxmalware.pdf](https://regmedia.co.uk/2019/02/12/sgxmalware.pdf)

