dark
Hand-Picked Top-Read Stories
Trending Tags

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

Anil Rao, Intel’s vice president and general manager of systems architecture and engineering, says the opportunity for Intel and Google engineers to work as a team was particularly fruitful. The group had regular meetings, collaborated to track findings jointly, and developed a camaraderie that motivated them to bore even deeper into TDX.

Of the two vulnerabilities the researchers found that Rao called “critical,” one related to loose ends from a cryptographic integrity feature that had been dropped from the product. “It was a leftover thing that we didn’t catch, but the Google team caught it,” he says. The other major vulnerability uncovered by the project was in Intel’s Authenticated Code Modules, which are cryptographically signed chunks of code that are built to run in the processor at a particular time. The vulnerability involved a small window in which an attacker could have hijacked the mechanism to execute malicious code.

“For me, that was something which was surprising. I wasn’t expecting that we had such a vulnerability in our internal system,” Rao says. “But I was super happy that this team caught it. It’s not that these are easy vulnerabilities for someone to tap into, but the fact that it’s there is not a good thing. So at least once we fix it then we can sleep better at night.”

Rao and Porter also point out that the finding was significant because ACM is used in other Intel security products beyond TDX.

Additionally, as part of the collaboration, Google worked with Intel to open source the TDX firmware, low-level code that coordinates between hardware and software. This way, Google Cloud customers and Intel TDX users around the world will have more insight into the product.

“Confidential computing is an area where we are opening up and telling customers, ‘bring your most sensitive applications, bring your most sensitive data, and operate it on shared infrastructure in the cloud,’” Rao says. “So we want to make sure that we follow a rigorous process in ensuring that the key handlers of that sensitive data are rugged. Whether we like it or not, establishment of trust takes a long time, and you can break it very easily.”

Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here

Index Of News
Index Of News Author
Related Posts
How to Activate Do Not Disturb Mode On Samsung Devices thumbnail

How to Activate Do Not Disturb Mode On Samsung Devices

Smartphones and tablets are an incredible way to stay in touch with others and access the world’s knowledge. They’re also, at times, an annoying distraction that may break your concentration at the worst possible time or wake you up in the middle of the night with an ill-timed notification. Fortunately, there’s one feature that addresses…
January 14, 2022
Read More
Samsung inaugurează un nou magazin Experience Store în Promenada Mall din București; Va expune noile telefoane Galaxy S22 pe 9 februarie thumbnail

Samsung inaugurează un nou magazin Experience Store în Promenada Mall din București; Va expune noile telefoane Galaxy S22 pe 9 februarie

Prima zi a lunii februarie coincide cu lansarea unui nou magazin Samsung Experience Store în România, magazinul cu numărul 5 din țară pe care îl vom găsi în Promenada Mall. În țară mai avem asemenea magazine în Mall Băneasa, AFI Cotroceni și Mega Mall - asta în București, iar un altul în AFI Ploiești. Noul…
February 1, 2022
Read More

BYD Turns To Self-Developed Autonomous Driving

Skip to content On August 15th, two informed sources revealed that BYD has abandoned the agreement to equip its electric vehicles with Baidu‘s autonomous driving technology and will focus on developing in-house intelligent car software. According to the report, Baidu, Inc. initially agreed in March 2022 to use its technology in BYD’s electric vehicles, including
August 15, 2023
Read More
Top 20 Highest-Paid Athletes in 2023-24 thumbnail

Top 20 Highest-Paid Athletes in 2023-24

The world’s highest-paid athletes are undoubtedly masters of their craft – both on the field and off it. Many of these athletes, however, make a large proportion of their money through their endorsements and social media activities rather than sport. As a result, a lot of affluent athletes today are also top-level brands and influencers
February 23, 2024
Read More
The contentious path to a cleaner future thumbnail

The contentious path to a cleaner future

This article is from The Spark, MIT Technology Review’s weekly climate newsletter. To receive it in your inbox every Wednesday, sign up here. The world is building solar panels, wind turbines, electric vehicles, and other crucial climate technologies faster than ever. As the pace picks up, though, a challenge is looming: we need a whole
January 25, 2024
Read More
Index Of News
Consider making some contribution to keep us going. We are donation based team who works to bring the best content to the readers. Every donation matters.
Donate Now

Subscription Form

Liking our Index Of News so far? Would you like to subscribe to receive news updates daily?

Total
0
Share