Could Intel SGX be dangerous under Linux?
Question Background
This morning, by accident, I found that there is basically a backdoor in a dormant state in my Dell laptop: Computrace, which comes from Absolute Software (link to their Web, link to Wikipedia).
Actual Question
Since I read that some UEFI/BIOS settings can't be changed once set, I wonder if the same is the case with Intel SGX technology (SGX Intel, SGX Wikipedia), which I would probably like to disable too. I've seen from this Linux shell script that SGX is Enabled in my system configuration, and then proved it by looking into UEFI/BIOS, where it's currently set to Software Controlled. I would like to ask if having SGX enabled or software-controlled is a bad practice, or worse: could Intel SGX be dangerous under Linux?
Personal Background
I'm a security amateur at home. I'm primarily interested in VPN topics, and I don't even know what SGX really does yet.
linux intel-sgx
edited Mar 24 at 13:52
Vlastimil
asked Mar 24 at 9:04
What is your threat model?
– forest
Mar 24 at 9:33
@forest I'm not sure what your question means. You might want to put it in layman's terms for me. Thank you.
– Vlastimil
Mar 24 at 13:09
A threat model is an abstract model of a person's adversaries, the assets the adversaries are attempting to compromise, and various other salient factors. For example, SGX, as Steffen Ullrich says, makes it possible for malware to hide its exact computations, but it does not allow someone to escalate privileges.
– forest
Mar 25 at 0:20
In general, unless your threat model is really, really specific, e.g. you are a reverse engineer who expects to be infected with malware performing secret computations, which does not run privileged, and you have no access to log the infection vector (network, etc.), then SGX might not be a great idea because you wouldn't be able to analyze the malware (but you would know it exists and know what overt actions it takes on your computer). Otherwise, you have absolutely nothing to worry about and SGX is harmless.
– forest
Mar 25 at 0:22
1 Answer
SGX can be used to protect critical operations (like cryptography using secret keys) against inspection from outside the SGX enclave. It can also be used by an attacker already on the system to hide his activities from inspection. Thus, unsurprisingly, there is no absolutely good or absolutely bad: it depends a lot on your specific (and unknown to us) environment and risk profile.
And the same is true for Computrace too. The control it allows a remote party can be used for good and bad, where the intention is actually to be used for good: tracking down stolen notebooks. And to make this possible it is actually necessary that it cannot be simply disabled by an attacker.
edited Mar 24 at 9:37
answered Mar 24 at 9:34
Steffen Ullrich
It may be useful to note that the existence of the enclave can't be hidden, so you can still know if malicious software is trying to hide its exact activities, even if you don't know what those activities are.
– forest
Mar 24 at 9:35
@Vlastimil: not traveling with the laptop and no access for other people does not describe in any way what you are actually doing with this laptop; it only describes a few things you don't do with it. As such, it is not useful in deciding whether SGX might be useful for you or not. In general: if you do something on the system which involves secrets, it might be useful, if the specific software actually uses SGX to protect these secrets.
– Steffen Ullrich
Mar 24 at 10:07
"I might have 100% misunderstood the point of SGX..." - since you don't explain how you understood SGX in the first place I cannot tell you if your understanding is correct or wrong.
– Steffen Ullrich
Mar 24 at 10:55
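The question's "is SGX enabled" check and forest's point that an enclave's existence cannot be hidden, as an added example that is not from the original thread: a POSIX shell script that reads the CPU flags the kernel exports and lists the processes that currently hold an SGX enclave device. It assumes Linux /proc and the device node names used by the in-tree driver (/dev/sgx_enclave), the older out-of-tree driver (/dev/sgx/enclave) and the legacy isgx driver (/dev/isgx).

```shell
#!/bin/sh
# Added example (not from the original post): report whether this Linux host
# advertises SGX and which processes currently hold an SGX enclave device.
# Assumed device node names: in-tree driver (kernel 5.11+), out-of-tree
# driver and legacy isgx driver.
SGX_DEVS="/dev/sgx_enclave /dev/sgx/enclave /dev/isgx"

# sgx_cpu_flag FILE: prints "yes" if a cpuinfo-style FILE lists the "sgx"
# flag, else "no". The in-tree driver clears the flag when firmware left SGX
# disabled and locked, so "yes" means supported and enabled, not just present.
sgx_cpu_flag() {
    if grep -qw 'sgx' "$1" 2>/dev/null; then echo yes; else echo no; fi
}

# sgx_launch_control FILE: "yes" if "sgx_lc" is listed, i.e. the OS rather
# than an Intel-signed launch enclave decides which enclaves may start.
sgx_launch_control() {
    if grep -qw 'sgx_lc' "$1" 2>/dev/null; then echo yes; else echo no; fi
}

# enclave_devices: prints each SGX device node that exists, one per line.
enclave_devices() {
    for d in $SGX_DEVS; do
        [ -c "$d" ] && echo "$d"
    done
    return 0
}

# enclave_users: prints "PID COMM" for every process whose memory map or open
# file descriptors reference an SGX device. Enclave contents are opaque to
# the kernel, but the mapping itself is visible, which is what this relies on.
# Reading other users' /proc/PID/maps and fd links needs root.
enclave_users() {
    for p in /proc/[0-9]*; do
        pid=${p#/proc/}
        hit=no
        for d in $SGX_DEVS; do
            grep -qs "$d" "$p/maps" 2>/dev/null && hit=yes
        done
        if [ "$hit" = no ]; then
            for f in "$p"/fd/*; do
                case "$(readlink "$f" 2>/dev/null)" in
                    /dev/sgx_enclave*|/dev/sgx/enclave*|/dev/isgx*) hit=yes; break ;;
                esac
            done
        fi
        [ "$hit" = yes ] && printf '%s %s\n' "$pid" "$(cat "$p/comm" 2>/dev/null)"
    done
    return 0
}

# Stand-alone report against the live system.
sgx_report() {
    echo "CPU advertises SGX (enabled):        $(sgx_cpu_flag /proc/cpuinfo)"
    echo "Flexible launch control (sgx_lc):    $(sgx_launch_control /proc/cpuinfo)"
    echo "Enclave device nodes present:"
    enclave_devices | sed 's/^/  /'
    echo "Processes holding an enclave device:"
    enclave_users | sed 's/^/  /'
}

sgx_report
```

Run it as root to see every process; an unexpected entry under "Processes holding an enclave device" is the observable trace forest describes, even though what runs inside that enclave is not inspectable from outside.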