Source: Hacker News
Article note: These are always fun.
Getting to a state where you can use the microcode read/write instructions they found is clearly tricky, but I could see an escalation paths with a CSME exploit to get into the appropriate debug mode, or side effects from speculatively executing (because of course it speculatively executes them) the special instructions to leak data from the security by complexity bullshit on the processors or the like.
There _are_ apparently some machine-readable unique identifiers in the parts they studied which is itself interesting/concerning.
Comments 