SECURITYTHE REGISTER
Confidential computing's core trust mechanism is broken. The fix may not exist
Research reveals fundamental flaws in the attested TLS protocols used in confidential computing, enabling diversion and relay attacks that compromise cryptographic trust. Despite vendor claims, protocols like remote attestation fail to verify server location or prevent traffic interception by malicious entities.
Mentioned
Related Signal
Adjacent reporting
- Warning: Deribit silently patches critical security flaws and ghosts the researchers. Can we trust an exchange that hides its vulnerabilities?
- Warning: Deribit silently patches critical security flaws and ghosts the researchers. Can we trust an exchange that hides its vulnerabilities?
- PSA: Bisq 1 Trade protocol exploit discovered, investigations ongoing
- The $292M crypto hack exposed DeFi's weak spots. Here’s what must change, insiders say
- Hackers bypass SonicWall VPN MFA due to incomplete patching
- No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out