Problems for the giant Intel.
The bug in question concerns the SGX, Software Guard Extensions, an area of the chip that is usually considered extremely secure and that is therefore used to save and process particularly sensitive data.
Despite this supposed stability and security, a team of researchers was able to violate it, demonstrating that it was not as safe as previously assumed.
At the beginning of 2018 two other weaknesses in Intel processors’ security were made public, called Meltdown and Spectre, which allowed Trojans and viruses to access the system, but these were bugs difficult to use and the relapse of their discovery was fortunately limited, even though they were not completely correctable by software updates.
The new vulnerability discovered, which has been named “Foreshadow”, could impact many crypto projects that thought they were using SGX.
For example, Moxie Marlinspike from Signal is working as a consultant on a token called MobileCoin, which uses SGX as its main component.
Enigma uses this type of technology for its private smart contracts, while storage manufacturer Ledger was thinking of developing a wallet based on SGX together with Intel.
We have good and bad news: the good news comes from the fact that who found the bug comes from the academic world and has followed an extremely correct behavior, warning Intel first to allow them to take the necessary countermeasures.
The bad news is that now many projects, which were developing with SGX, will have to change plans or wait for corrective patches to be applied.