TEE.Fail shows how $1,000 hardware can extract keys from Intel and AMD DDR5 secure enclaves.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

Researchers discovered TEE.Fail, a side-channel attack that extracts cryptographic keys from Intel SGX/TDX and AMD SEV-SNP secure enclaves using $1,000 hardware to intercept DDR5 memory traffic. The attack exploits deterministic AES-XTS encryption to compromise trusted execution environments, extract attestation keys, and potentially break GPU confidential computing. Both Intel and AMD consider physical attacks out of scope and have no plans for mitigations, though software countermeasures exist at significant performance cost.

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves