Stefan GastApr 14

Interesting work on AMD SEV-SNP by Benedict Schlüter, Christoph Wech and @Shweta: https://fabricked-attack.github.io/

By reconfiguring data fabric routing from the untrusted, hypervisor-controlled UEFI firmware, they redirect Platform Security Processor (PSP) memory accesses, compromising SEV-SNP initialization, particularly the Reverse Map Table (RMP).

#Fabricked #sevsnp #security #hardwaresecurity #confidentalcomputing

Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

Confidential computing allows cloud tenants to offload sensitive computations and data to remote resources without needing to trust the cloud service provider. Hardware-based trusted execution environments, like AMD SEV-SNP, achieve this by creating Confidential Virtual Machines (CVMs). With Fabricked, we present a novel software-based attack that manipulates memory routing to compromise AMD SEV-SNP. By redirecting memory transactions, a malicious hypervisor can deceive the secure co-processor (PSP) into improperly initializing SEV-SNP. This enables the attacker to perform arbitrary read and write access within the CVM address space, thus breaking SEV-SNP core security guarantees.

Fabricked
Show threadAS 396507Dec 5

# Evolving Our Tor Relay Security Architecture

https://blog.emeraldonion.org/evolving-our-tor-relay-security-architecture

A new blog post where @alexhaydock goes into some detail showcasing our minimalistic @alpinelinux Tor relays architecture, a threat model, and including a link to our now-public open source "Emerald Relays" orchestration framework.

The past 6 months have proven its success, and now we look forward to phase 2 (read the post!), which we need your help in funding. Emerald Onion is a U.S. 501(c)(3) tax-deductible nonprofit, so please consider donating before 31 December! https://emeraldonion.org/donate/

#Tor #TorOps #Privacy #AntiCensorship #Anonymity #Ansible #Proxmox #Terraform #AMD #Epyc #SEVSNP #NonProfit #GivingTuesday

Evolving Our Tor Relay Security Architecture

Fundraiser Emerald Onion needs your help! We are a U.S. tax-deductible 501\(c\)(3), and we are fundraising for new server hardware that s...

Emerald Onion
scyFeb 25, 2023

Oh look, Microsoft has given me access to #Bing’s AI search feature. Didn’t expect them to allow new users in at this time, I would’ve thought they’d improve the whole “Bing AI going nuclear on people” thing first.

But maybe they already did, because our first conversation went absolutely fine.

#Intel #AMD #SEV #SEVSNP #Epyc