Hey all,
This is an open discussion for everyone on what is going on with the whole "Why can't I undervolt my laptop malarky".
First thing I'm going to open with is this:
https://www.intel.com/content/www/us/en/support/articles/000055804/processors.html and
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.htmlFrom this back in December 2019 intel publicly let loose the juice that information can be accessed from your computer thought Intel® Software Guard Extensions (Intel® SGX) and this can be done remotely meaning someone can just access your computer on the go...
"OK but how?"
Through a Privilege escalation attack
A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design *
"Source PEA"The method used is known as Plundevolt (but there are others that can access in different ways)
https://plundervolt.com/ This is the group of international researchers who found and reported the vulnerabilities relating to intels SGX
The site shows 3 examples of how information can be tampered and made available to intercept (Videos listed below)
https://www.youtube.com/watch?v=1bvK532x3ys - Plundervolt - Faulting Multiplications (Watch first)
https://www.youtube.com/watch?v=In3B9L5Jyo4 - Plundervolt- Faulting AES inside SGX
https://www.youtube.com/watch?v=yo9B2ZRVW9Q - Plundervolt - Memory Corruption inside SGX
If you don't want to visit the site and convenience common questions and answers are: (A lot of this is C&P enjoy)
Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into modern Intel CPUs. SGX allows to shield sensitive computations inside so-called "enclaves". The contents of these enclaves are protected and cannot be accessed or modified from outside the enclave. This includes an attacker who has root privileges in the normal (untrusted) operating system.
- Does this attack affect only SGX, or also other applications on Intel processors?
Plundervolt is a similar class of Undervolting attacks like CLKScrew and VoltJockey executed on SGX enclaves. This is because the undervolting interface is only accessible with root privileges in the untrusted operating system - it would not make sense to attack software with undervolting when you're already root, apart from the case of SGX (which should protect against a root attacker). We also reviewed common hypervisors and virtual machine software and found that the guest OS cannot access the undervolting interface (which otherwise would allow an attack on the host OS).
- Does an attacker need physical access to my computer for this?
No. The undervolting interface is accessible from software, so if a remote attacker can become root in the untrusted OS, she can also mount the Plundervolt attack. In any case, note that attackers with physical access would also be in the threat model of SGX (e.g. to protect against malicious cloud providers).
- What should affected user do?
If you do not use SGX, you do not need to do anything. If you do use SGX: Intel has released a microcode update that - together with a BIOS update - allows disabling of the undervolting interface. The fact that undervolting is disabled will be reflected in remote attestation. More information can be found in
Intel's security advisory.- Should I now throw away my CPU or stop using SGX altogether?
No, definitely not. If you are not using SGX, no actions are required. If you are using SGX, it suffices to apply the microcode update provided by Intel to mitigate Plundervolt.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
It's a lot to wrap up does look quite the read tho... If anyone wants to read on the study its here
https://plundervolt.com/doc/plundervolt.pdf If your academic don't forget to cite your papers
😉 (Cite can be found on the website as well).
TLDR?
This is out of Asus's hands and this affects other OEM brands too so they will have the same issues. Be patient if security is a thing for you get the bios updates. If you want or need to undervolt just understand that the risks are real.
Good luck