Hello, welcome to the Friday, November 22nd, 2019 edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm quoting from Riyadh, Saudi Arabia.

Looks like still about once a month or so, we learn about a new site channel attack that allows processes to read each other's memory.

Well, this of course is a particular problem for virtual machines where you have various virtual machines sharing the same hardware.

And of course, you are relying on the hardware somewhat to keep

these virtual machines separate from each other. One attempted solution to this problem is

the use of encrypted memory and both Intel as well as AMD have come up with solutions to

encrypt memory.

Now in part these solutions of course still aren't perfect and susceptible to some of

the same vulnerabilities that can be used to read out other processes memories.

A recent paper takes a closer look at AMD's implementation of this particular memory encryption

in its naplice generation of epic chips.

Now, for AMD, a critical component is the chip endorsement key or C.E.K.

The confidentiality of this chip is critical in order to maintain the security of encrypted memory.

Researchers from the Technical University Berlin took a closer look at AMD's implementation and found a method to

actually read this key using malicious firmware. What kind of makes this verse is that there's

also no protection to actually load old firmware in the chip so you can always downcrate it and as a result there

isn't really any great protection for this particular attack according to these

researchers any protection would require hardware fixes and could not be

implemented in software alone.

And if you downloaded the Monero command line wallet from the Get Monero website on Monday,

you should double check your binaries because you may have downloaded a compromised version.

...