Foreshadow is another great attack method that uses the optimisations present in modern processors. It allows you to read the L1 cache of, well, anything on your system. They specifically targeted Intel SGX, which is the secrets enclave thing that allows you to protect your DRM keys, your certificates, etc. But, it was also demonstrated against e.g. SMM, reading kernel memory, page tables of other processes, that sort of general shenanigans. Time to go back to single-user cp/m and Z80! Come to think of it, i’ve been using pip a lot recently…
Looks like another round of microcode updates, bios changes, compiler modifications, kernel patches, hand-wringing, sky-falling, is upon is. Read the article and technical details. Race you to the apt-get update.
Watch the below video if you are not scared enough.
Leave a Reply