
Meltdown strikes back: the L1 terminal fault vulnerability - ingve
https://lwn.net/SubscriberLink/762570/75306c44ec963c8f/
======
userbinator
I've lost count of all the side-channels that have been discovered since
Meltdown/Spectre, and to be honest, I quite frankly really don't care any more
than I did before... I don't run untrusted code (yes, that includes
JavaScript) and I'm the only user of my PC. Since Intel first introduced
"protected" mode in the 286 I've felt the notion that it was only intended for
protection against accidental errors, not deliberate maliciousness. From that
perspective, all this "side-channel hide-and-seek" seems like an exercise in
futility to add a level of security to something that was inherently not
designed for such.

_Since this attack goes directly to a physical address, it can in theory read
any memory in the system. Notably, that includes data kept within an SGX
encrypted enclave, which is supposed to be protected from this kind of thing._

Maybe one of the more positive things to come of this mess... and proof that
DRM-enabling technologies will (should?) always be broken by design.

~~~
perl4ever
"From that perspective, all this "side-channel hide-and-seek" seems like an
exercise in futility to add a level of security to something that was
inherently not designed for such."

It seems that this SGX thing _was_ designed for such. That's what makes this
new attack notable.

~~~
userbinator
Make no mistake, SGX was designed to give Intel control over what code its
processors can run (they have the signing key), and to enable user-hostile
DRM. Attacks against it are welcome in the same way as jailbreaks and rooting.

~~~
geogriffin
Let's be precise; that Intel is enforcing enclave Launch Control is orthogonal
to the SGX mechanism itself. Launch Control is a bane to end-users, like you
said, and a pain to enclave creators (I had to talk to some random business
development employee at Intel...). Intel has even specified a system for users
to use their own Launch Control (or disable it) but that is not implemented in
any actual chips.

------
wagnerpatriota
duplicated

~~~
Jedd
Earlier post:
[https://news.ycombinator.com/item?id=17760733](https://news.ycombinator.com/item?id=17760733)

But zero comments at 6h

~~~
mediocrejoker
Probably due to this
[https://news.ycombinator.com/item?id=17759762](https://news.ycombinator.com/item?id=17759762)

