RSA Conference 2019: Picking Apart the Foreshadow Attack

intel foreshadow attack

Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws.

SAN FRANCISCO – Starting off with a bang with Spectre and Meltdown, 2018 was the year of speculative execution vulnerabilities in CPUs, which wreaked havoc in the IT industry. One of these attacks, dubbed Foreshadow, could allow unauthorized disclosure of information.

Foreshadow impacts the Intel SGX enclaves technology, Intel’s approach for application developers seeking to protect select code and data from disclosure. The attack gives bad actors the ability to extract any data that’s supposed to be protected via SGX secure memory.

Raoul Strackx, post-doctoral researcher at KU Leuven and one of the researchers who discovered Foreshadow, broke down the attack this year at the RSA Conference, and outlined why speculative execution vulnerabilities are not going away.

“This is probably not going to be the last big vulnerability that was discovered, we’re sure that others will follow as well, and basically it comes down to the fact that these processes are simply becoming way too complex,” Strackx told Threatpost at RSA. “I would say that’s the main problem, but if you disable speculative execution, then the performance impact is going to be huge, and so no one would be willing to do this. So there needs to be more academic research there.”

Listen to Threatpost’s podcast with Strackx at RSA this year, below.

For direct download click here.

Suggested articles

Discussion

  • Past is Prologue on

    We'ren't they supposed to be encrypting data natively during processing? I guess that's just not as easy to do as it sounds since they've been talking about this and code signing everything for decades now. The problem isn't the speculation per se, but the fact that the user can see what the cpu is doing and therefore compromise private data. Why isn't the cpu space better protected from this kind of memory dumping during a speculative execute? Is it that important to bugtest it that all cpus need to do this? Maybe development cpus can be a thing... or maybe all just a pipe dream. We won't know unless we try to bring these possibilities back into focus.

Leave A Comment

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.