Infosec Decoded Season 3 #33: Intel TDX

With @kaitlynguru@infosec.exchange and @sambowne@infosec.exchange

Apr 25, 2023

Kaitlyn Handelman

Stability AI launches StableLM, an open source ChatGPT alternative

AI is taking the jobs of Kenyans who write essays for U.S. college students

A private moon lander will make history when it touches down on April 25. Here's how to watch it live

Sam Bowne

After compromising a Windows host and obtaining local administrator privileges, the following types of secrets can be retrieved: secrets in the LSASS process, secrets in the registry such as LSA secrets, and DPAPI (Data Protection API) secrets. This article describes them and lists tools to extract them. The secrets include hashes, cleartext credentials, Kerberos tickets, and more. The tools use memory dumps and known vulnerable kernel drivers.

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs
After years of scrambling to remediate the security fallout from design flaws in the processor feature known as “speculative execution,” chipmakers have invested more in advanced security testing. Google Cloud and Intel released results today from a nine-month audit of Intel's new hardware security product: Trust Domain Extensions (TDX). The analysis revealed 10 confirmed vulnerabilities, including two that researchers at both companies flagged as significant. One related to loose ends from a cryptographic integrity feature that had been dropped from the product. The other was in Intel's Authenticated Code Modules, which are cryptographically signed chunks of code that are built to run in the processor at a particular time. The vulnerability involved a small window in which an attacker could have hijacked the mechanism to execute malicious code.

Intel® Trust Domain Extensions (Intel® TDX)
Intel® Trust Domain Extensions (Intel® TDX) introduces new architectural elements to help deploy hardware-isolated virtual machines (VMs) called trust domains (TDs). Intel TDX is designed to isolate VMs from the virtual-machine manager (VMM)/hypervisor and any other non-TD software on the platform, to protect TDs from a broad range of software attacks. The architectural elements that provide this isolation include: Secure-Arbitration Mode (SEAM), the Intel® Total Memory Encryption-Multi Key (Intel TME-MK) engine, and remote attestation, designed to provide evidence that a TD is executing on a genuine Intel TDX system and of its TCB version.

Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker
Qualcomm chipsets are backdoored. "During our security research we found that smartphones with a Qualcomm chip secretly send personal data to Qualcomm. This data is sent without user consent, unencrypted, and even when using a Google-free Android distribution. This is possible because the Qualcomm chipset itself sends the data, circumventing any potential Android operating system settings and protection mechanisms."