#tdx — Public Fediverse posts

How “verified #privacy ” can’t be verified
in this post, we explore how verified privacy, a VPN provider, is a total sham.
#privacy #security #vpn #kyc #intel #sgx #ime #tdx #scam #opsec #itsec #comsec https://blindsoft.net/blog/vp.html

And, once again, "trusted computing" should not be trusted…

L. Wilke et al, "TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX"¹

[…]

Intel recently launched Intel TDX, its second generation TEE, which protects whole virtual ma- chines (VMs). To minimize the attack surface to side-channels, TDX comes with a dedicated single-stepping attack countermeasure.
In this paper, we systematically analyze the single-stepping coun- termeasure of Intel TDX and show, for the first time, that both, the built-in detection heuristic as well as the prevention mechanism, can be circumvented. We reliably single-step TDX-protected VMs by deluding the TDX security monitor about the elapsed processing time used as part of the detection heuristic. Moreover, our study reveals a design flaw in the single-stepping countermeasure that turns the prevention mechanism against itself: An inherent side- channel within the prevention mechanism leaks the number of instructions executed by the TDX-protected VM, enabling a novel attack we refer to as StumbleStepping. Both attacks, single-stepping and StumbleStepping, work on the most recent Intel TDX enabled Xeon Scalable CPUs.

Using StumbleStepping, we demonstrate a novel end-to-end at- tack against wolfSSL’s ECDSA implementation, exploiting a con- trol flow side-channel in its truncation-based nonce generation algorithm. We provide a systematic study of nonce-truncation im- plementations, revealing similar leakages in OpenSSL, which we exploit with our single-stepping primitive. Finally, we propose de- sign changes to TDX to mitigate our attacks.

[…]

#TDX #TrustedComputing #Intel
__
¹ https://uzl-its.github.io/tdxdown/

Taurus, Aktionariat partner to enable trading of tokenized shares - Taurus and Aktionariat’s collaboration will allow Swiss SMEs to tokenize... - https://cointelegraph.com/news/taurus-aktionariat-tokenize-sme-shares-tdx #tokenizedshares #realunitschweiz #aktionariat #blockchain #swisssmes #liquidity #ethereum #fintech #taurus #tdx

Taurus, Aktionariat partner to enable trading of tokenized shares - Taurus and Aktionariat’s collaboration will allow Swiss SMEs to tokenize... - https://cointelegraph.com/news/taurus-aktionariat-tokenize-sme-shares-tdx #tokenizedshares #realunitschweiz #aktionariat #blockchain #swisssmes #liquidity #ethereum #fintech #taurus #tdx

Taurus, Aktionariat partner to enable trading of tokenized shares - Taurus and Aktionariat’s collaboration will allow Swiss SMEs to tokenize... - https://cointelegraph.com/news/taurus-aktionariat-tokenize-sme-shares-tdx #tokenizedshares #realunitschweiz #aktionariat #blockchain #swisssmes #liquidity #ethereum #fintech #taurus #tdx

Taurus, Aktionariat partner to enable trading of tokenized shares - Taurus and Aktionariat’s collaboration will allow Swiss SMEs to tokenize... - https://cointelegraph.com/news/taurus-aktionariat-tokenize-sme-shares-tdx #tokenizedshares #realunitschweiz #aktionariat #blockchain #swisssmes #liquidity #ethereum #fintech #taurus #tdx