Vulnerabilities in LUKS2 disk encryption for confidential VMsTrail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. These vulnerabilities allow attackers with access to storage disks to extract confidential data and modify contents.
A few notes on AWS Nitro Enclaves: Attack surfaceIn the race to secure cloud applications, AWS Nitro Enclaves have emerged as a powerful tool for isolating sensitive workloads.But with great power comes great responsibility-and potential security pitfalls. As pioneers in confidential computing security, we atTrail of Bits have scrutinized the attack surface of AWS Nitro Enclaves, uncovering potential bugs that could compromise even thesehardened environments.
Enhancing trust for SGX enclavesCreating reproducible builds for SGX enclaves used in privacy-oriented deployments is a difficult task that lacks a convenient and robust solution. We describe using Nix to achieve reproducible and transparent enclave builds so that anyone can audit whether the enclave is running the source code it claims, thereby enhancing the security of […]
