Researchers disclosed two hardware attacks, Battering RAM and Wiretap, that can read and even tamper with data protected by Intel SGX and AMD SEV‑SNP trusted execution environments. By placing a physical interposer on the memory bus and exploiting the deterministic memory encryption these TEEs rely on, an attacker can passively recover enclave contents or actively modify them. This undermines the premise that a TEE can safely shield secrets in a hostile or compromised data center.
— If 'confidential computing' can be subverted with physical access, cloud‑security policy, compliance regimes, and critical infrastructure risk models must be revised to account for insider and supply‑chain threats.
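The weakness behind both attacks is a property of deterministic memory encryption: the same key, address and plaintext always produce the same ciphertext, and nothing on the bus tells the CPU that a ciphertext is stale. The following toy model is an added example, not code from either paper or from Intel/AMD: the cipher is a small HMAC-based Feistel network standing in for a tweakable block cipher, the "DRAM" is a dictionary standing in for what an interposer sees, and the addresses, key and secret are constructed. It shows a passive dictionary attack (equality leak), an active ciphertext replay, and a hardened variant with a per-write counter and MAC that defeats both.

```python
"""Toy model of deterministic memory encryption and two weaknesses of it.
Constructed example: cipher, memory model, addresses and key are stand-ins, not Intel/AMD designs."""
import hmac
import hashlib
from typing import Dict, Tuple

BLOCK = 16    # bytes per encrypted cell (one cipher block)
ROUNDS = 4


def _prf(key: bytes, *parts: bytes) -> bytes:
    """Keyed round function: HMAC-SHA256 truncated to the 8-byte half-block."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()[:8]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def det_encrypt(key: bytes, tweak: bytes, pt: bytes) -> bytes:
    """Deterministic tweakable block cipher (toy Feistel). The property that matters:
    same key, tweak and plaintext -> same ciphertext, every time."""
    left, right = pt[:8], pt[8:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _prf(key, tweak, bytes([rnd]), right))
    return left + right


def det_decrypt(key: bytes, tweak: bytes, ct: bytes) -> bytes:
    left, right = ct[:8], ct[8:]
    for rnd in reversed(range(ROUNDS)):
        left, right = _xor(right, _prf(key, tweak, bytes([rnd]), left)), left
    return left + right


def addr_tweak(addr: int) -> bytes:
    return addr.to_bytes(8, "big")


# --- weak scheme: deterministic, tweaked by address only, no integrity or freshness -------------
def enclave_write(key: bytes, dram: Dict[int, bytes], addr: int, pt: bytes) -> None:
    dram[addr] = det_encrypt(key, addr_tweak(addr), pt)      # the interposer sees only this


def enclave_read(key: bytes, dram: Dict[int, bytes], addr: int) -> bytes:
    return det_decrypt(key, addr_tweak(addr), dram[addr])


def passive_dictionary_attack(key: bytes, dram: Dict[int, bytes], addr: int, secret: int) -> int:
    """Passive interposer: never learns the key, but induces or observes writes of known values
    to one cell, records the ciphertexts, then matches the ciphertext of a later secret write."""
    dictionary = {}
    for v in range(256):
        enclave_write(key, dram, addr, v.to_bytes(BLOCK, "big"))    # known plaintext goes in
        dictionary[dram[addr]] = v                                   # ciphertext appears on the bus
    enclave_write(key, dram, addr, secret.to_bytes(BLOCK, "big"))    # secret lands in the same cell
    return dictionary[dram[addr]]                                    # equality leak recovers it


def active_replay_attack(key: bytes, dram: Dict[int, bytes], addr: int) -> bytes:
    """Active interposer: capture the ciphertext of a 'not approved' flag, let the enclave set it,
    then write the stale ciphertext back. With no integrity or freshness check the rollback
    decrypts as valid data."""
    enclave_write(key, dram, addr, b"\x00" * BLOCK)
    stale = dram[addr]
    enclave_write(key, dram, addr, b"\x01" * BLOCK)
    dram[addr] = stale
    return enclave_read(key, dram, addr)


# --- hardened: per-write counter in the tweak plus a MAC; counter lives in trusted on-die state ---
class IntegrityError(Exception):
    pass


def _mac_key(key: bytes) -> bytes:
    return hashlib.sha256(b"mac|" + key).digest()


def auth_write(key: bytes, dram: Dict[int, Tuple[bytes, bytes]], counters: Dict[int, int],
               addr: int, pt: bytes) -> None:
    ctr = counters.get(addr, 0) + 1
    counters[addr] = ctr                                   # trusted state, invisible to the interposer
    tweak = addr_tweak(addr) + ctr.to_bytes(8, "big")
    ct = det_encrypt(key, tweak, pt)
    tag = hmac.new(_mac_key(key), tweak + ct, hashlib.sha256).digest()[:16]
    dram[addr] = (ct, tag)


def auth_read(key: bytes, dram: Dict[int, Tuple[bytes, bytes]], counters: Dict[int, int],
              addr: int) -> bytes:
    ct, tag = dram[addr]
    tweak = addr_tweak(addr) + counters[addr].to_bytes(8, "big")
    expect = hmac.new(_mac_key(key), tweak + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expect):
        raise IntegrityError(f"cell {addr:#x}: stale or forged ciphertext")
    return det_decrypt(key, tweak, ct)


def hardened_resists(key: bytes) -> Tuple[bool, bool]:
    """Returns (dictionary_defeated, replay_detected) for the hardened scheme."""
    dram, counters, addr = {}, {}, 0x1000
    auth_write(key, dram, counters, addr, b"\x2a" * BLOCK)
    first = dram[addr][0]
    auth_write(key, dram, counters, addr, b"\x2a" * BLOCK)
    dictionary_defeated = first != dram[addr][0]           # same plaintext, different ciphertext
    stale = dram[addr]
    auth_write(key, dram, counters, addr, b"\x01" * BLOCK)
    dram[addr] = stale                                      # attacker rolls the cell back
    try:
        auth_read(key, dram, counters, addr)
        return dictionary_defeated, False
    except IntegrityError:
        return dictionary_defeated, True


if __name__ == "__main__":
    key = b"\x11" * 32    # constructed key
    print("recovered secret:", hex(passive_dictionary_attack(key, {}, 0x2000, 0xA7)))
    print("flag after replay:", active_replay_attack(key, {}, 0x3000))
    print("hardened (dictionary defeated, replay detected):", hardened_resists(key))
```

The hardened half is what the counter-plus-MAC designs (and the integrity tree of the original SGX memory encryption engine) buy: freshness state that the bus never carries in the clear, so a replayed or aliased cell fails verification instead of decrypting to plausible data. The cost is exactly the per-cell metadata and extra memory traffic that deterministic, integrity-free encryption was adopted to avoid.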
Stephen Johnson
2026.01.13
40% relevant
That idea highlights how hardware attacks can defeat presumed technical protections and change threat models; this article similarly documents a physical/engineering capability (a pulsed radio device) that could produce real‑world harm and therefore calls for reassessing defensive postures for personnel and facilities.
msmash
2026.01.13
62% relevant
Confer’s reliance on trusted execution environments (TEEs) and remote attestation raises the same policy question as the existing disclosure about hardware‑level attacks on TEEs: if TEEs are the backbone of privacy‑preserving AI, their physical and supply‑chain vulnerabilities become an immediate public‑security and regulatory problem.
BeauHD
2025.10.02
100% relevant
Ars Technica report on the Battering RAM and Wiretap papers showing SGX/SEV‑SNP compromise via deterministic encryption weaknesses and physical interposers.