S_x96x_S
addict
SEV: "in theory" a malicious insider sysadmin can decrypt the encrypted data.
On HN (the Hacker News link, at the bottom) there is more detailed, more layman-level info too.
One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization
"AMD Secure Encrypted Virtualization (SEV) offers protection mechanisms for virtual machines in untrusted environments through memory and register encryption. To separate security-sensitive operations from software executing on the main x86 cores, SEV leverages the AMD Secure Processor (AMD-SP). This paper introduces a new approach to attack SEV-protected virtual machines (VMs) by targeting the AMD-SP. We present a voltage glitching attack that allows an attacker to execute custom payloads on the AMD-SPs of all microarchitectures that support SEV currently on the market (Zen 1, Zen 2, and Zen 3). The presented methods allow us to deploy a custom SEV firmware on the AMD-SP, which enables an adversary to decrypt a VM's memory. Furthermore, using our approach, we can extract endorsement keys of SEV-enabled CPUs, which allows us to fake attestation reports or to pose as a valid target for VM migration without requiring physical access to the target host. Moreover, we reverse-engineered the Versioned Chip Endorsement Key (VCEK) mechanism introduced with SEV Secure Nested Paging (SEV-SNP). The VCEK binds the endorsement keys to the firmware version of TCB components relevant for SEV. Building on the ability to extract the endorsement keys, we show how to derive valid VCEKs for arbitrary firmware versions. With our findings, we prove that SEV cannot adequately protect confidential data in cloud environments from insider attackers, such as rogue administrators, on currently available CPUs."
https://arxiv.org/abs/2108.04575
HN https://news.ycombinator.com/item?id=28153523
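The abstract's last point is the one a relying party has to understand: the VCEK is supposed to tie an attestation report to the firmware (TCB) version of the chip, so a verifier checks the REPORTED_TCB field of the SEV-SNP report against the TCB the VCEK certificate is bound to and against its own minimum. The example below is added here and is not code from the post or from the paper's authors. It parses the TCB fields of an SEV-SNP ATTESTATION_REPORT (field offsets follow the ATTESTATION_REPORT layout of the SEV-SNP ABI specification: 1184 bytes, signature at offset 0x2A0 over the first 0x2A0 bytes) and applies the TCB policy a verifier would apply. It does not verify the ECDSA signature, does not fetch the VCEK from AMD's KDS, and the VCEK's TCB is passed in as a plain value rather than read from the certificate extensions; the report bytes are constructed inline, not captured from hardware.

```python
"""Parse the TCB fields of an AMD SEV-SNP ATTESTATION_REPORT and apply the
verifier-side TCB checks.  Added example, not code from the post or paper.
Offsets follow the ATTESTATION_REPORT structure of the SEV-SNP ABI spec
(assumption: 0x4A0 bytes total, signature at 0x2A0).  The sample report is
constructed below for offline use; it is not a report from real hardware."""
import struct
from dataclasses import dataclass

REPORT_LEN = 0x4A0   # full structure including the signature
SIGNED_LEN = 0x2A0   # bytes 0x000..0x29F are what the VCEK signs
ECDSA_P384_SHA384 = 1  # SIGNATURE_ALGO value for the VCEK signature


@dataclass(frozen=True)
class TcbVersion:
    """TCB_VERSION: byte 0 boot loader, byte 1 TEE, byte 6 SNP fw, byte 7 microcode."""
    boot_loader: int
    tee: int
    snp: int
    microcode: int

    @classmethod
    def from_u64(cls, value):
        b = value.to_bytes(8, "little")
        return cls(b[0], b[1], b[6], b[7])

    def to_u64(self):
        b = bytes([self.boot_loader, self.tee, 0, 0, 0, 0, self.snp, self.microcode])
        return int.from_bytes(b, "little")

    def at_least(self, other):
        """Every component at or above the other's; TCBs are not totally ordered."""
        return (self.boot_loader >= other.boot_loader and self.tee >= other.tee
                and self.snp >= other.snp and self.microcode >= other.microcode)


def parse_report(buf):
    """Return the fields a TCB policy needs, plus the bytes covered by the signature."""
    if len(buf) != REPORT_LEN:
        raise ValueError("unexpected report length %d" % len(buf))
    return {
        "version": struct.unpack_from("<I", buf, 0x000)[0],
        "signature_algo": struct.unpack_from("<I", buf, 0x034)[0],
        "current_tcb": TcbVersion.from_u64(struct.unpack_from("<Q", buf, 0x038)[0]),
        "report_data": buf[0x050:0x090],
        "measurement": buf[0x090:0x0C0],
        "reported_tcb": TcbVersion.from_u64(struct.unpack_from("<Q", buf, 0x180)[0]),
        "chip_id": buf[0x1A0:0x1E0],
        "committed_tcb": TcbVersion.from_u64(struct.unpack_from("<Q", buf, 0x1E0)[0]),
        "signed_bytes": buf[:SIGNED_LEN],
        # ECDSA P-384 signature: r then s, each 72 bytes little-endian, zero padded
        "sig_r": int.from_bytes(buf[0x2A0:0x2A0 + 72], "little"),
        "sig_s": int.from_bytes(buf[0x2A0 + 72:0x2A0 + 144], "little"),
    }


def check_tcb_binding(report, vcek_tcb, minimum_tcb):
    """Verifier policy on the TCB fields.  Returns a list of failure strings (empty = pass).
    vcek_tcb is the TCB the VCEK certificate is bound to (in practice read from the
    certificate's TCB extensions after validating the chain to AMD's ARK/ASK)."""
    problems = []
    if report["signature_algo"] != ECDSA_P384_SHA384:
        problems.append("unexpected SIGNATURE_ALGO %d" % report["signature_algo"])
    reported = report["reported_tcb"]
    # The VCEK that signed this report must be the one derived for REPORTED_TCB,
    # otherwise a key for some other firmware level is being presented.
    if reported != vcek_tcb:
        problems.append("REPORTED_TCB %r does not match VCEK TCB %r" % (reported, vcek_tcb))
    # Even a consistent report can come from firmware the relying party no longer trusts.
    if not reported.at_least(minimum_tcb):
        problems.append("REPORTED_TCB %r below accepted minimum %r" % (reported, minimum_tcb))
    return problems


def build_sample_report(reported_tcb, current_tcb, signature_algo=ECDSA_P384_SHA384):
    """Constructed, unsigned sample report (assumed layout) for offline testing."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<I", buf, 0x000, 2)                    # report version
    struct.pack_into("<I", buf, 0x034, signature_algo)
    struct.pack_into("<Q", buf, 0x038, current_tcb.to_u64())
    buf[0x090:0x0C0] = b"\x11" * 48                          # placeholder measurement
    struct.pack_into("<Q", buf, 0x180, reported_tcb.to_u64())
    buf[0x1A0:0x1E0] = b"\x22" * 64                          # placeholder CHIP_ID
    struct.pack_into("<Q", buf, 0x1E0, current_tcb.to_u64())
    return bytes(buf)


if __name__ == "__main__":
    old = TcbVersion(boot_loader=2, tee=0, snp=6, microcode=115)
    new = TcbVersion(boot_loader=3, tee=0, snp=8, microcode=209)
    good = parse_report(build_sample_report(reported_tcb=new, current_tcb=new))
    print("up-to-date firmware:", check_tcb_binding(good, vcek_tcb=new, minimum_tcb=old))
    stale = parse_report(build_sample_report(reported_tcb=old, current_tcb=old))
    print("stale firmware:", check_tcb_binding(stale, vcek_tcb=new, minimum_tcb=new))
```

The point the paper makes sits outside what this check can see: the policy above rejects a report signed with a VCEK for some other TCB, or one whose REPORTED_TCB is below the minimum, but it can only compare what the signer put in the report with what the VCEK is bound to. If the chip's endorsement secret has been extracted and a VCEK for the newest TCB derived from it, as the abstract describes, the attacker fills in REPORTED_TCB to match and the report passes exactly like the genuine one; nothing in the report format distinguishes the two, so the remaining lever is revocation of that CHIP_ID's keys by AMD, not a smarter verifier.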