Reply to post: Re: Death of DRM on PC platforms??

Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves

bombastic bob Silver badge

Re: Death of DRM on PC platforms??

from what I understand, the practicality of the attack vs possibility is a completely different thing.

As much as I'd like to see the Blu-Ray equivalent of 'libdecss' with all of the possible decryption keys built-in, and easily downloadable software to convert Blu-Ray contents into h.265 media files on a computer, phone, or slab [for personal use, of course, I'm not interested in pirating content, just convenience], I don't see this happening any time soon, even with the ability to do a side-channel attack on the DRM code.

It just seems that there's a lot of cost for such a tiny payoff that it probably won't happen outside of specific kinds of "spear" attacks [perhaps by the NSA?].

In the mean time, every time I read into the technical details of these things, my mind boggles. Spectre is such a confusing mess to try and wrap my mind around, I can't see how any *SANE* person could actually make this work without an extreme amount of time and effort...

And the 'ret-poline' seems to be an adequate defense against at least SOME of it, by not using the speculative execution thingy in the first place.

Now, here's a thought: what if we could just flip a bit to turn branch prediction OFF for code that needs extra security? Or, better still, make it an inherent part of the TASK STATE so other CPU tasks can't pollute the branch prediction cache like that.

yeah that means a complete re-design of the chip's internals. I'll have to wait for a new CPU architecture before upgrading hardware, then... hopefully withOUT a mandatory management engine, too!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019