SgxSpectre – Improved Spectre Exploit Revealed

Mel Khamlichi (http://www.osradar.com)
Founder of Osradar, from Amsterdam, Netherlands

Spectre is one of the most critical bugs in modern processors, and it is really hard to defend against without a hardware upgrade. Although system patches are available, they aren’t a permanent solution. Spectre is hard to exploit, but a new variation of the method can successfully use the vulnerability. This variation was discovered by six scientists from the Ohio State University. The new attack is able to extract information from Intel SGX enclaves, hence the name SgxSpectre.

What is SGX?

SGX (Intel Software Guard Extensions) is a feature of Intel processors that allows apps to create so-called enclaves: hardware-isolated sections of the processor’s processing memory where apps run sensitive operations on data such as encryption keys, passwords, user data, etc. The Meltdown and Spectre flaws revealed last year show that such information can be stolen from the processor’s memory due to the bugged system mechanism. However, the classic forms of Meltdown and Spectre weren’t enough to extract data from SGX enclaves.

How SgxSpectre works

SgxSpectre is an attack that can steal data from Intel’s SGX enclaves. According to the researchers, SgxSpectre is capable of doing so because of specific code patterns in the software libraries that allow developers to integrate SGX support into their apps. The vulnerable SGX SDKs include Rust-SGX, Graphene-SGX, and the Intel SGX SDK.

An attacker can, in theory and in practice, leverage the repetitive code execution patterns that these SDKs introduce into SGX enclaves and then watch for small variations of cache size. This is a classic side-channel attack, and it’s quite effective in the field.

According to the researchers, SgxSpectre completely compromises the confidentiality of SGX enclaves because of the vulnerable code execution patterns. As these patterns are difficult to eliminate, the SgxSpectre attack can be performed against any program that uses the SGX enclave facility.

It’s worth noting that the concept of the SGX enclave is still in its early days. Because of what it offers, its adoption is quite fast-paced, including in public clouds. Almost all current SGX libraries contain the flawed execution patterns, which are extremely hard to remove.

Here’s how it works.

Security incoming

The recent fixes from Intel for Spectre didn’t prove their worth, as they were easy to work around. According to Intel’s response to SgxSpectre, the Intel SGX SDK is going to receive an update on 16 March 2018. App developers must integrate the new SGX SDK libraries into their SGX-enabled apps and issue updates to their users.

According to the researchers, apps that use Google’s Retpoline anti-Spectre coding technique are safe from SgxSpectre. It’s a nice relief that Google’s apps aren’t vulnerable to the new Spectre exploit.
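One way to check the Retpoline condition mentioned above on a built enclave binary, as an added example that is not from the original article or the researchers: it scans `objdump -d` output for indirect calls and jumps that do not go through a GCC or LLVM retpoline thunk. The disassembly and function names are constructed for illustration, and a clean result only shows that indirect branches are covered.

```python
import re

# Thunk symbol prefixes: GCC -mindirect-branch=thunk and LLVM -mretpoline.
THUNK_PREFIXES = ("__x86_indirect_thunk_", "__llvm_retpoline_")
FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
# AT&T syntax marks an indirect call/jmp target with '*'.
INDIRECT_RE = re.compile(r"\b(callq?|jmpq?)\s+\*(\S+)")
DIRECT_RE = re.compile(r"\b(?:callq?|jmpq?)\s+[0-9a-f]+ <([^>+]+)")
# Constructed sample of `objdump -d` output; function names are hypothetical.
SAMPLE = """
0000000000401126 <ecall_dispatch>:
  40112a:  ff d0           callq  *%rax
  40112c:  c3              retq
0000000000401130 <ecall_dispatch_hardened>:
  401134:  e8 07 00 00 00  callq  401140 <__x86_indirect_thunk_rax>
  401139:  c3              retq
0000000000401140 <__x86_indirect_thunk_rax>:
  401140:  e8 07 00 00 00  callq  40114c <__x86_indirect_thunk_rax+0xc>
  401145:  f3 90           pause
  401147:  0f ae e8        lfence
  40114a:  eb f9           jmp    401145 <__x86_indirect_thunk_rax+0x5>
  40114c:  48 89 04 24     mov    %rax,(%rsp)
  401150:  c3              retq
"""

def audit(disasm):
    """Return (raw indirect branches, count of branches routed via a thunk)."""
    findings, thunk_calls, current = [], 0, None
    for line in disasm.splitlines():
        line = line.strip()
        m = FUNC_RE.match(line)
        if m:
            current = m.group(1)
            continue
        if current is None or current.startswith(THUNK_PREFIXES):
            continue  # skip any preamble and the thunk bodies themselves
        m = INDIRECT_RE.search(line)
        if m:
            addr = line.split(":", 1)[0]
            findings.append((current, addr, f"{m.group(1)} *{m.group(2)}"))
            continue
        m = DIRECT_RE.search(line)
        if m and m.group(1).startswith(THUNK_PREFIXES):
            thunk_calls += 1
    return findings, thunk_calls

if __name__ == "__main__":
    print(audit(SAMPLE))
```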

To stay secure, update all the apps on your system as soon as updates are available. It’s important to defend against heinous attackers. The proof-of-concept code is publicly available on GitHub. Here’s also a demonstration that shows the practical usage of SgxSpectre.

Intel announced that they’ll be shipping processors free of Meltdown and Spectre in 2018. However, it’s still not 100% guaranteed that such exploits won’t be available. Take a look at how more Meltdown and Spectre flaws may emerge.
