frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

New attacks are diluting secure enclave defenses from Nvidia, AMD, and Intel

https://arstechnica.com/security/2025/10/new-physical-attacks-are-quickly-diluting-secure-enclave-defenses-from-nvidia-amd-and-intel/
52•voxadam•3h ago

Comments

ForHackernews•3h ago
A wise elder once told me, "There are no secrets in silicon." (e.g. https://www.sciencedirect.com/science/article/abs/pii/S00262...)

If an attacker with time and resources has physical access, you are doomed.

immibis•3h ago
It works in practice because most don't have enough time, physical access, and electron microscopes.
beeflet•2h ago
I think it provides a false sense of security in practice. You end up relying on security methods that dont work against adversaries above a level of initial investment.
i80and•3h ago
It is also true that making attackers spend time and resources has value. Just because you're trapped in a Red Queen race doesn't mean you should stop running
PaulHoule•2h ago
But way too often getting into the TPM on one machine leaks secrets that enable a global compromise. In the case of media piracy, for instance, DRM might inconvenience millions of people but it takes just one person to crack it, either head on or through the analog hole and then the files are on BitTorrent.
immibis•3h ago
Good. I like the idea of a secure enclave that I own and control when it's in my computer but in practice almost all of them are deployed in a user-hostile way to the benefit of shareholders, to the point that burning the whole idea down would improve society. Imagine if every ROM and piece of CPU microcode was a lot more transparent.

These things are often used because of contractual requirements. Mainstream media including video games are often contractually protected: you must not let it run/play on any device without sufficient hardware protections. So vendors have to include these protection systems even if they don't want to. If the systems were useless, this might end.

luma•2h ago
More recently, TPM and the systems surrounding it are being effectively used for attestation of the entire OS and driver stack at boot time, from UEFI up to a running OS. DRM sucks, but I do appreciate having some degree of hardware-level defense against rootkits or other advanced malware.
PaulHoule•2h ago
Practically though those systems seem to be pretty weak and are always getting broken, the TPM itself is another place where malware can hide, it's not clear to me that the benefits could ever outweigh the risks.
AstralStorm•2h ago
TPM itself is a simple data container with slow encryption/decryption capabilities. It cannot hide anything really.

You might have mistaken it for say Intel ME and the AMD equivalent.

Whinner•2h ago
From the article, "The low-cost, low-complexity attack works by placing a small piece of hardware between a single physical memory chip and the motherboard slot it plugs into. It also requires the attacker to compromise the operating system kernel". "Low-complexity" requires physical access and an OS compromise? What the hell would high complexity be?
jcranmer•2h ago
And the images also show that "small piece of hardware" is connected to lots of chonky ribbon connectors that make IDE cables look slim.
SAI_Peregrinus•2h ago
Focused Ion Beam workstation, decap the relevant IC & probe its internal connections directly. If protected by a mesh, also use the FIB to deposit extra metal to bypass the mesh to make the probe holes. If protected by light sensors, also bypass them. Create glitches by shining highly focused lasers onto specific transistors at specific times. Etc. The sorts of attacks Christopher Tarnovsky did on a bunch of TPMs & talked about at DEFCON.
beeflet•2h ago
I was looking for the old CCC talk about this stuff, but I ended up finding out about a project called RayV Lite which seeks to democratize this hardware

https://www.netspi.com/blog/executive-blog/hardware-and-embe...

https://github.com/ProjectLOREM/RayVLite

thenthenthen•32m ago
Could not find the CCC talk but here is a netspi presentation at this years BlackHat: https://youtu.be/Wyv3pSQopp0?si=dyVaYYlwkkXkkO8r
gpderetta•2h ago
Isn't one of the point of a secure enclave that it does not need to trust the rest of the computer it is running on?
graemep•1h ago
I thought the point of secure enclaves is to protect against attacks by someone with access to the hardware.

Therefore requiring physical assess is still low complexity in context.

codedokode•2h ago
As I understand, the purpose of "secure enclaves" is to enforce DRM, copyright protection, anti-debugging measures, so breaking them is a good thing.
embedding-shape•2h ago
Well, also used for confidential computing and other stuff that you might benefit from too, so not just to gatekeep stuff. Depending on what you use it for (or rather, what your computer is using it for), you might not want it broken in all cases.

With that said, I'd rather see it broken than not, considering it's mostly used for negative stuff, and it isn't open enough to evaluate if it actually is secure enough.

codedokode•2h ago
The purpose of secure enclave is to prevent administrator from accessing the data. I don't want anyone doing "confidential computing" on my devices. I am the person which can be trusted so there is no need to hide the encryption keys from me.
hollerith•2h ago
The false assumption in your argument IMHO is the assumption that none of the software on your device will ever betray you or contain an exploitable security hole. In actuality, it is useful from time to time to be able to run software you cannot completely trust such that the software cannot access all the data on the device (because the untrusted software cannot access your enclave).
embedding-shape•1h ago
> The purpose of secure enclave is to prevent administrator from accessing the data

Not only, it has many purposes. I'm also the administrator of my computer, and some things I want to be unchangable by software, unless I myself unlock it, like I don't want anyone to be able to boot or install other OSes than the ones I've installed myself. The secure enclave and secure boot is perfect for this, even if my computer gets malware they won't be able to access it, and even if someone gets physical access to my computer, they won't be able to boot their OS from a USB.

argomo•6m ago
Agreed. We need legally enforceable standards granting owners full control of their devices.

But also: TPMs could be used to prevent evil maid attacks and to make it uneconomical for thieves who stole your device to also steal your data. It makes it possible for devices to remotely arrest to their owners that the OS had not been compromised, which is relevant to enterprise IT environments. There are a lot of good uses for this technology, we just need to solve the political problems of aggressive copyright, TIVOization, etc.

bigmattystyles•2h ago
It’s also where private keys for your device to secure your data live, so it’s like nuclear power, you can make a bomb or a clean power plant.
beeflet•2h ago
the private keys to secure my data live in my brain
AstralStorm•2h ago
No, these should exist in the TPM and highly volatile memory like CPU cache. This including the decryption code. This can be achieved using mechanisms similar to what Coreboot does before RAM is initialized.

No need for the keys or decryption to touch easily intercepted and rowhammered RAM.

codedokode•2h ago
Why the keys for my device should be not accessible for me? The purpose of secure enclave is to prevent administrator from accessing the data.
foxyv•1h ago
A secure enclave should allow no one to access the data inside. It's essentially a little self contained computer that can do some basic crypto operations using the stored keys. It should never disclose the keys.
CGMthrowaway•2h ago
With the rise of "passkeys" that every single website is cramming down our throats now, aren't those also stored in the secure enclave? AKA the keys to your entire encrypted data and digitized life?
axus•1h ago
I look forward to recordings of the scam calls, where they ask the victim to "place a small piece of hardware between a single physical memory chip and the motherboard slot it plugs into".
out_of_protocol•1h ago
Not your keys - not your computer
foxyv•1h ago
They also store passkeys for logging into websites with biometrics and PIN.
whatshisface•1h ago
So do hard drives.
rhodey•2h ago
Amazon Nitro Enclaves not effected

IMO Amazon is the obvious choice for TEE because they make billions selling isolated compute

If you built a product on Intel or AMD and need to pivot do take a look at AWS Nitro Enclaves

I built up a small stack for Nitro: https://lock.host/ has all the links

MIT everything, dev-first focus

AWS will tell you to use AWS KMS to manage enclave keys

AWS KMS is ok if you are ok with AWS root account being able to get to keys

If you want to lock your TEE keys so even root cannot access I have something i the works for this

Write to: hello@lock.host if you want to discuss

beeflet•2h ago
why wouldn't it be effected?
rhodey•2h ago
Because AWS does not sell the Nitro TEE hardware

And so there is no case where you find a Nitro TEE online and the owner is not AWS

And it is practically impossible to break into AWS and perform this attack

The trust model of TEE is always: you trust the manufacturer

Intel and AMD broke this because now they say: you also trust where the TEE is installed

AWS = you trust the manufacturer = full story

7e•2h ago
Nitro Enclaves also require you to trust Amazon. No thanks, I'll take the hardware based solution.
7e•2h ago
"All three chipmakers exclude physical attacks from threat models for their TEEs."

So, working as intended.

general1465•1h ago
I would think that having TEE means that you can run secure software on unsecured hardware, if that's not the case, then what's the point of TEE in the first place?

Azure Outage

277•kierenj•1h ago•121 comments

Keep Android Open

http://keepandroidopen.org/
1926•LorenDB•13h ago•583 comments

Tailscale Peer Relays

https://tailscale.com/blog/peer-relays-beta
38•seemaze•54m ago•11 comments

Cursor Composer: Building a fast frontier model with RL

https://cursor.com/blog/composer
73•leerob•1h ago•39 comments

I made a 10¢ MCU Talk

https://www.atomic14.com/2025/10/29/CH32V003-talking
95•iamflimflam1•3h ago•31 comments

Floss Before Brushing

https://alearningaday.blog/2025/10/29/floss-before-brushing/
20•imasl42•54m ago•8 comments

Does brand advertising work? Upwave (YC S12) is hiring engineers to answer that

https://www.upwave.com/job/8228849002/
1•ckelly•16m ago

Beyond RaspberryPi: What are all the other SoC vendors up to *summarised*

https://sbcwiki.com/news/articles/state-of-embedded-q4-25/
57•HeyMeco•4d ago•25 comments

Collins Aerospace: Sending text messages to the cockpit with test:test

https://www.ccc.de/en/disclosure/collins-aerospace-mit-test-test-textnachrichten-bis-ins-cockpit-...
44•hacka22•2h ago•15 comments

Eye prosthesis is the first to restore sight lost to macular degeneration

https://med.stanford.edu/news/all-news/2025/10/eye-prosthesis.html
104•gmays•1w ago•10 comments

Azure major outage: Portal, Front Door and global regions down

59•sech8420•1h ago•33 comments

From VS Code to Helix

https://ergaster.org/posts/2025/10/29-vscode-to-helix/
149•todsacerdoti•3h ago•82 comments

Hosting SQLite Databases on GitHub Pages (2021)

https://phiresky.github.io/blog/2021/hosting-sqlite-databases-on-github-pages/
17•WA9ACE•1h ago•6 comments

Recreating a Homebrew Game System from 1987

https://alex-j-lowry.github.io/z80tvg.html
43•voxadam•3h ago•1 comments

Who needs Graphviz when you can build it yourself?

https://spidermonkey.dev/blog/2025/10/28/iongraph-web.html
373•pdubroy•11h ago•69 comments

AWS to bare metal two years later: Answering your questions about leaving AWS

https://oneuptime.com/blog/post/2025-10-29-aws-to-bare-metal-two-years-later/view
415•ndhandala•6h ago•312 comments

Show HN: HUD-like live annotation and sketching app for macOS

https://draw.wrobele.com/
26•tomaszsobota•2h ago•8 comments

ChatGPT's Atlas: The Browser That's Anti-Web

https://www.anildash.com//2025/10/22/atlas-anti-web-browser/
646•AndrewDucker•4d ago•269 comments

Tips for stroke-surviving software engineers

https://blog.j11y.io/2025-10-29_stroke_tips_for_engineers/
402•padolsey•13h ago•144 comments

Tell HN: Twilio support replies with hallucinated features

50•haute_cuisine•1h ago•8 comments

Kafka is Fast – I'll use Postgres

https://topicpartition.io/blog/postgres-pubsub-queue-benchmarks
168•enether•3h ago•165 comments

uBlock Origin Lite Apple App Store

https://apps.apple.com/in/app/ublock-origin-lite/id6745342698
329•mumber_typhoon•13h ago•157 comments

Show HN: Learn German with Games

https://www.learngermanwithgames.com/
59•predictand•5h ago•30 comments

The end of the rip-off economy: consumers use LLMs against information asymmetry

https://www.economist.com/finance-and-economics/2025/10/27/the-end-of-the-rip-off-economy
118•scythe•1h ago•100 comments

AirTips – Alternative to Bento.me/Linktree

https://a.coffee/
10•Airyisland•1h ago•7 comments

Oracle has adopted BOOLEAN in 23ai and PostgreSQL had it forever

https://hexacluster.ai/blog/postgresql/oracles-adoption-of-native-boolean-data-type-vs-postgresql/
13•avi_vallarapu•2h ago•9 comments

SpiderMonkey Garbage Collector

https://firefox-source-docs.mozilla.org/js/gc.html
67•sebg•8h ago•3 comments

Berkeley Out-of-Order RISC-V Processor (Boom) (2020)

https://docs.boom-core.org/en/latest/sections/intro-overview/boom.html
28•Bogdanp•4h ago•9 comments

Minecraft removing obfuscation in Java Edition

https://www.minecraft.net/en-us/article/removing-obfuscation-in-java-edition
9•SteveHawk27•1h ago•1 comments

AOL to be sold to Bending Spoons for roughly $1.5B

https://www.axios.com/2025/10/29/aol-bending-spoons-deal
20•jmsflknr•47m ago•4 comments