
Conference:  Defcon 31
Authors: Alexander Dalsgaard Krog (Vulnerability Researcher at Vectorize); Alexander Skovsende (Grad Student at Technical University of Denmark)

In this work, we present the novel results of our research on Intel CPU microcode. Building upon prior research on Intel Goldmont CPUs, we have reverse-engineered the implementations of complex x86 instructions, leading to the discovery of hidden microcode which serves to prevent the persistence of any changes made. Using this knowledge, we were able to patch those discovered sections, allowing us to make persistent microcode changes from userspace on Linux. We have developed and improved microcode tracing tools, giving us deeper insight into Intel Atom microcode than was previously possible, by allowing more dynamic analysis of the ROM. Along with this presentation, we provide a C library for making microcode changes and documentation on the reverse-engineered microcode. We show that vendor updates to the microcode, which cannot be verified by the user, impose a security risk by demonstrating how a Linux system can be compromised through a backdoor within a CPU core's microcode.
Authors: Robert Ficcaglia

tldr - powered by Generative AI

The presentation discusses the challenges and trade-offs of applying trusted computing (hardware enclaves) to a Kubernetes environment.
  • Trusted computing is not a silver bullet: the attack surface of the enclave and of everything it depends on must be understood and minimized
  • Enclaves have known shortcomings, in particular susceptibility to side-channel attacks
  • Enclaves can help meet compliance requirements for government standards, such as those published by NIST
  • The hardware itself is susceptible to tampering and must be evaluated as part of the trust model, not assumed trustworthy
  • Kubernetes can apply trusted computing at the container level, but the control plane should be constrained (least privilege) so that it does not enlarge the attack surface