Battering RAM – Low-Cost Interposer Attacks on Confidential Computing

39•pabs3•2h ago

Comments

schoen•2h ago

I think I talked about this possibility with Bunnie Huang about 15 years ago. As I recall, he said it was conceptually achievable. I guess it's also practically achievable!

no_time•1h ago

I find it reassuring that you can still get access to the data running on your own device, despite all the tens of thousands of engineering hours being poured into preventing just that.

throawayonthe•1h ago

I doubt you own hardware capable of any of the confidential computing technology mentioned

kedihacker•53m ago

Well microcontrollers can prevent you from repairing your own device with DRM and secure enclaves

Simple8424•1h ago

Is this making confidential computing obsolete?

Harvesterify•17m ago

In their current form, AMD and Intel proposals never fulfilled the Confidential Computing promises, one can hope they will do better in their next iteration of SGX/TDX/SEV, but they were always broken, by design.

dist-epoch•3m ago

That's like saying a security vulnerability in OpenSSL/SSH is making SSL/SSH obsolete.

fweimer•1h ago

I'm kind of confused by AMD's and Intel's response. I thought both companies were building technology that allows datacenter operators to prove to their customers that they do not have access to data processed on the machines, despite having physical access to them. If that's out of scope, what is the purpose of these technologies?

Harvesterify•20m ago

Security theater, mostly.

matja•28m ago

> No, our interposer only works on DDR4

Not surprising - even having 2 DDR5 DIMMs on the same channel compromises signal integrity enough to need to drop the frequency by ~30-40%, so perhaps the best mitigation at the moment is to ensure the host is using the fastest DDR5 available.

So - Is the host DRAM/DIMM technology and frequency included in the remote attestation report for the VM?

commandersaki•22m ago

I like how the FAQ doesn't really actually answer the questions (feels like AI slop but giving benefit of the doubt), so I will answer on their behalf, without even reading the paper:

Am I impacted by this vulnerability?

For all intents and purposes, no.

Battering RAM needs physical access; is this a realistic attack vector?

For all intents and purposes, no.

Lgbtt Heterosexuals with Fraudulent Bodies

DefiLlama to delist Aster perpetual volume data over integrity concerns

The Power of Three: Ternary Logic, Triolectics, and Three Sided Football

Hanami for Rails Developers – Part 1

Leak suggests US Government is fibbing over FEMA security failings

The Zionist Occupation of Open Source

The Debugging Book

Clop crew hits Oracle E-Business Suite users with fresh zero-day

Show HN: Iframetest.com

Show HN: Fast Masked Mail Creator – Chrome Extension for Fastmail Masked Emails

2 Math Problems Fall to LLM: Tsumura's 554 solved, Majority Optimality Disproved

Tutorials for Sandia's Lammps Simulation Package

Tone Control

Build a VPN Tunnel with Wintun on Windows – Part 1

NetBird – An Open-Source Tailscale Alternative

Nobel Prize in Physiology or Medicine 2025 awarded to immune system researchers

Meta announces launch of APAC's 'largest capacity subsea cable' in 2028

-

Testing two 18 TB white label SATA hard drives from datablocks.dev

Love Money Harvey – Free Adult Visual Novel and Finance Game

EasyOS: An Experimental Linux Distribution

Granite-4.0-Micro: a 3.4B parameter LLM that runs in the browser

Show HN: How to create your own custom decentralized lotteries

Cerebras Withdraws IPO Filing

Django: One ORM to rule all databases

Understanding Object-Oriented Programming

The 'Best' Colleges Aren't the Best Forever

Crypto-Current (2021)

Full code to build your own AI agent with Python

A terminal command that tells you if your USB-C cable is bad