Could the Intel Foreshadow Bug Break 4K Hardware DRM? [Updated]

Could the Intel Foreshadow Bug Break 4K Hardware DRM? [Updated]

Update: We’ve heard from Intel on this issue. A company spokesperson states: “Mitigations that address this [the L1 Terminal Fault bug, aka Foreshadow] have already been made available – which also address the attestation scenario. The best thing for people to do is simply to keep their systems up to date. Once systems are updated, we expect the risk to most consumers and enterprise users will be low.”

Original Story Below:

Earlier this week, news broke that a set of three vulnerabilities — collectively referred to as Foreshadow — have been found in Intel microprocessors. These vulnerabilities specifically impact Intel’s implementation of a security feature known as Software Guard Extensions, a technology Intel developed to run hardened, protected code even in cases where the underlying operating system or hardware might not be secure. But just how far does the flaw extend, and what kind of practical use can it be put to?

The Register recently spoke to one of the flaw’s discoverers, Dr. Yuval Yarom, who minced no words in his evaluation. One of the hallmarks of Foreshadow is that it can be used to falsify attestation information, which is to say, SGX can appear to attest that code is valid and unchanged while said code is anything but. Without the ability to verify that the code in question is actually the code that’s running, Dr. Yarom says, “The whole trust model collapses.”

“The main promise of SGX is that you can write code, and ship it to someone you do not fully trust,” Dr. Yarom told the Register. “That person will run the code inside SGX on their machine, and you can see that whatever they run there is protected, because you know… they haven’t modified your code, they haven’t accessed the data that your code used.”

One specific example Yarom gave of an example application that could be harmed by this flaw is a video player that used SGX to implement its DRM mechanism. The player obviously isn’t intended to allow for the video stream to be copied, but if you can muck with the SGX attestation, you can alter the player to claim that its stream is properly protected when it isn’t. In theory, this sounds like precisely the kind of break that PC pirates might exploit to break Microsoft’s PlayReady 3.0, the 4K content protection that (still) makes Netflix playback require a lot of jumping through hoops, including the use of specific browsers (Microsoft Edge) and compatible hardware (recent AMD APUs, or Kaby Lake-and-later CPUs). But it’s not at all clear if this flaw will actually enable that kind of activity. Intel’s documentation makes it absolutely clear that SGX can be used for DRM, but it’s not evident that PlayReady 3.0 actually uses it.

Microsoft’s publicly available documentation is filled with references to Trusted Execution Environments (TEEs) and the need to have hardware DRM protection baked in at the physical level in order to certify a device for SL3000 feature levels (and that’s the relevant target, as near as I can tell). Older levels, like SL2000, are software based.

Could the Intel Foreshadow Bug Break 4K Hardware DRM? [Updated]

SGX was technically introduced with Skylake, not Kaby Lake, and Netflix 4K playback requires the latter. This could be read to imply that whatever DRM solution MS relies on, it isn’t explicitly tied to SGX. On the other hand, however, other reports have suggested that while Skylake CPUs deployed SGX, the firmware and software that shipped with Skylake systems wasn’t necessarily capable of enabling the feature. If Intel made supporting the full capabilities of SGX out of the box mandatory only with Kaby Lake it might explain why Microsoft didn’t support the feature until 7th Generation CPUs.

On the other hand, we know that Nvidia and AMD have both added support for 4K playback over both CPUs and GPUs, which strongly implies that Microsoft’s Trusted Execution Environments are designed to be flexible rather than demanding only one vendor’s hardware implementation. And given that Intel is already distributing microcode updates to fix this bug (or at least, major parts of it), it’s not clear if there’s a meaningful risk in the first place. The window of opportunity for attacks like this to impact mainstream video streaming services could ultimately be small to nonexistent. Like Meltdown and Spectre, this bug isn’t going to principally hit consumers but cloud service providers and enterprises. So far, Intel’s data center revenue has weathered this barrage of bad news unscathed — there are some who think the problems have created opportunities for future Intel products and accelerated upgrade cycles.

Continue reading

FTC Files Antitrust Case to Break Up Facebook
FTC Files Antitrust Case to Break Up Facebook

New York Attorney General Letitia James has announced a major antitrust case against Facebook, which will be joined by 47 other state and regional AGs. And that's not all: the Federal Trade Commission (FTC) is filing a separate case against Facebook later today.

Cyberpunk 2077 Save Files Will Break Forever If You Collect Too Many Items
Cyberpunk 2077 Save Files Will Break Forever If You Collect Too Many Items

Gamers have griped loudly about the bugs and performance issues, and there's a new issue to note today: if you collect too many in-game items, your save file will break forever.

Intel Records Record-Breaking 2020, Will Build ‘Most’ 7nm in Its Own Fabs
Intel Records Record-Breaking 2020, Will Build ‘Most’ 7nm in Its Own Fabs

Intel broke revenue records for full year 2020 and saw client computing sales surge for the year. It didn't give exact specifics on 7nm, but it did update us on the broad shape of things.

Google Will Use Pixel’s Camera to Measure Heart Rate and Breathing
Google Will Use Pixel’s Camera to Measure Heart Rate and Breathing

Like many of Google's machine learning projects, this one is coming first to Pixel phones, and more phones will probably get it down the line.