RSA Conference 2019: Picking Apart the Foreshadow Attack

2019-03-05T11:40:01
ID THREATPOST:F4165AC9029442D0F2C297D9AD2388A4
Type threatpost
Reporter Lindsey O'Donnell
Modified 2019-03-05T11:40:01

Description

SAN FRANCISCO – Starting off with a bang with Spectre and Meltdown, 2018 was the year of speculative execution vulnerabilities in CPUs, which wreaked havoc in the IT industry. One of these attacks, dubbed Foreshadow, could allow unauthorized disclosure of information.

Foreshadow impacts the Intel SGX enclaves technology, Intel’s approach for application developers seeking to protect select code and data from disclosure. The attack gives bad actors the ability to extract any data that’s supposed to be protected via SGX secure memory.

Raoul Strackx, post-doctoral researcher at KU Leuven and one of the researchers who discovered Foreshadow, broke down the attack this year at the RSA Conference, and outlined why speculative execution vulnerabilities are not going away.

“This is probably not going to be the last big vulnerability that was discovered, we’re sure that others will follow as well, and basically it comes down to the fact that these processes are simply becoming way too complex,” Strackx told Threatpost at RSA. “I would say that’s the main problem, but if you disable speculative execution, then the performance impact is going to be huge, and so no one would be willing to do this. So there needs to be more academic research there.”

Listen to Threatpost’s podcast with Strackx at RSA this year, below.

[

](<http://iframe%20style=border:%20none%20src=//html5-player.libsyn.com/embed/episode/id/8822774/height/360/theme/legacy/thumbnail/yes/direction/backward/%20height=360%20width=100%%20scrolling=no%20%20allowfullscreen%20webkitallowfullscreen%20mozallowfullscreen%20oallowfullscreen%20msallowfullscreen/iframe>)

For direct download click here.