Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Republic of Gamers Forum
- Laptops & Desktops
- ROG Strix Series
- Understanding undervolt issues. (open discussion)
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Understanding undervolt issues. (open discussion)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
08-19-2020
07:39 PM
- last edited on
03-05-2024
07:47 PM
by
ROGBot
Hey all,
This is an open discussion for everyone on what is going on with the whole "Why can't I undervolt my laptop malarky".
First thing I'm going to open with is this: https://www.intel.com/content/www/us/en/support/articles/000055804/processors.html and https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html
From this back in December 2019 intel publicly let loose the juice that information can be accessed from your computer thought Intel® Software Guard Extensions (Intel® SGX) and this can be done remotely meaning someone can just access your computer on the go...
"OK but how?"
Through a Privilege escalation attack
A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design * "Source PEA"
The method used is known as Plundevolt (but there are others that can access in different ways)
https://plundervolt.com/ This is the group of international researchers who found and reported the vulnerabilities relating to intels SGX
The site shows 3 examples of how information can be tampered and made available to intercept (Videos listed below)
https://www.youtube.com/watch?v=1bvK532x3ys - Plundervolt - Faulting Multiplications (Watch first)
https://www.youtube.com/watch?v=In3B9L5Jyo4 - Plundervolt- Faulting AES inside SGX
https://www.youtube.com/watch?v=yo9B2ZRVW9Q - Plundervolt - Memory Corruption inside SGX
If you don't want to visit the site and convenience common questions and answers are: (A lot of this is C&P enjoy)
Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into modern Intel CPUs. SGX allows to shield sensitive computations inside so-called "enclaves". The contents of these enclaves are protected and cannot be accessed or modified from outside the enclave. This includes an attacker who has root privileges in the normal (untrusted) operating system.
Plundervolt is a similar class of Undervolting attacks like CLKScrew and VoltJockey executed on SGX enclaves. This is because the undervolting interface is only accessible with root privileges in the untrusted operating system - it would not make sense to attack software with undervolting when you're already root, apart from the case of SGX (which should protect against a root attacker). We also reviewed common hypervisors and virtual machine software and found that the guest OS cannot access the undervolting interface (which otherwise would allow an attack on the host OS).
No. The undervolting interface is accessible from software, so if a remote attacker can become root in the untrusted OS, she can also mount the Plundervolt attack. In any case, note that attackers with physical access would also be in the threat model of SGX (e.g. to protect against malicious cloud providers).
If you do not use SGX, you do not need to do anything. If you do use SGX: Intel has released a microcode update that - together with a BIOS update - allows disabling of the undervolting interface. The fact that undervolting is disabled will be reflected in remote attestation. More information can be found in Intel's security advisory.
No, definitely not. If you are not using SGX, no actions are required. If you are using SGX, it suffices to apply the microcode update provided by Intel to mitigate Plundervolt.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
It's a lot to wrap up does look quite the read tho... If anyone wants to read on the study its here https://plundervolt.com/doc/plundervolt.pdf If your academic don't forget to cite your papers 😉 (Cite can be found on the website as well).
TLDR?
This is out of Asus's hands and this affects other OEM brands too so they will have the same issues. Be patient if security is a thing for you get the bios updates. If you want or need to undervolt just understand that the risks are real.
Good luck
This is an open discussion for everyone on what is going on with the whole "Why can't I undervolt my laptop malarky".
First thing I'm going to open with is this: https://www.intel.com/content/www/us/en/support/articles/000055804/processors.html and https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html
From this back in December 2019 intel publicly let loose the juice that information can be accessed from your computer thought Intel® Software Guard Extensions (Intel® SGX) and this can be done remotely meaning someone can just access your computer on the go...
"OK but how?"
Through a Privilege escalation attack
A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design * "Source PEA"
The method used is known as Plundevolt (but there are others that can access in different ways)
https://plundervolt.com/ This is the group of international researchers who found and reported the vulnerabilities relating to intels SGX
The site shows 3 examples of how information can be tampered and made available to intercept (Videos listed below)
https://www.youtube.com/watch?v=1bvK532x3ys - Plundervolt - Faulting Multiplications (Watch first)
https://www.youtube.com/watch?v=In3B9L5Jyo4 - Plundervolt- Faulting AES inside SGX
https://www.youtube.com/watch?v=yo9B2ZRVW9Q - Plundervolt - Memory Corruption inside SGX
If you don't want to visit the site and convenience common questions and answers are: (A lot of this is C&P enjoy)
- What is Intel SGX?
Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into modern Intel CPUs. SGX allows to shield sensitive computations inside so-called "enclaves". The contents of these enclaves are protected and cannot be accessed or modified from outside the enclave. This includes an attacker who has root privileges in the normal (untrusted) operating system.
- Does this attack affect only SGX, or also other applications on Intel processors?
Plundervolt is a similar class of Undervolting attacks like CLKScrew and VoltJockey executed on SGX enclaves. This is because the undervolting interface is only accessible with root privileges in the untrusted operating system - it would not make sense to attack software with undervolting when you're already root, apart from the case of SGX (which should protect against a root attacker). We also reviewed common hypervisors and virtual machine software and found that the guest OS cannot access the undervolting interface (which otherwise would allow an attack on the host OS).
- Does an attacker need physical access to my computer for this?
No. The undervolting interface is accessible from software, so if a remote attacker can become root in the untrusted OS, she can also mount the Plundervolt attack. In any case, note that attackers with physical access would also be in the threat model of SGX (e.g. to protect against malicious cloud providers).
- What should affected user do?
If you do not use SGX, you do not need to do anything. If you do use SGX: Intel has released a microcode update that - together with a BIOS update - allows disabling of the undervolting interface. The fact that undervolting is disabled will be reflected in remote attestation. More information can be found in Intel's security advisory.
- Should I now throw away my CPU or stop using SGX altogether?
No, definitely not. If you are not using SGX, no actions are required. If you are using SGX, it suffices to apply the microcode update provided by Intel to mitigate Plundervolt.
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
It's a lot to wrap up does look quite the read tho... If anyone wants to read on the study its here https://plundervolt.com/doc/plundervolt.pdf If your academic don't forget to cite your papers 😉 (Cite can be found on the website as well).
TLDR?
This is out of Asus's hands and this affects other OEM brands too so they will have the same issues. Be patient if security is a thing for you get the bios updates. If you want or need to undervolt just understand that the risks are real.
Good luck
Labels:
- Labels:
-
ROG Laptops
-
ROG Notebooks
856 Views
0 REPLIES 0
