Intel reports the outcome of the in-house audit on its hardware security product dubbed Trust Domain Extension (TDX) that lasted for nine months. The audit report reveals multiple vulnerabilities that geared the tech giant to enhance the security system to cover up the loopholes in the TDX hardware.
Google Cloud led the cybersecurity audit on Intel’s hardware security product and discovered more than ten vulnerabilities on the TDX hardware. Aside from the TDX vulnerabilities, other significant errors and other bug-related discoveries called for a fix to make the TDX hardware a proactive and secured tool for other technology Integration.
According to the cybersecurity audit report by Google Cloud researchers and Intel’s engineers, the TDX system has to be fully fixed in preparation for the integration with Intel’s processors dubbed Sapphire Rapids. The chip maker built the hardware security product to be dependable with the in-house Xeon processor.
Google Cloud group product manager, Nelly Porter said “It’s not trivial because companies, we all have our intellectual property. And in particular, Intel had a lot of IP in the technologies that they were bringing to this. For us to be able to be incredibly open and trusting each other is valuable. The research that we’re doing will help everybody because Intel Trusted Domain Extension technology is going to be used not only in Google, but everywhere else as well.”
Incorporating technology is something that has always trended in the technology landscape with emerging technology applications. Unlike the TDX hardware, Sapphire Rapids is yet to be a final product – the rollout of this technology makes Intel on a paced level of marketing its fourth generation Xeon processor with TDX security that has Google’s bug hunters seeking vulnerabilities.
Google’s Project Zero bug-hunting and Google Cloud Security researchers commune with Intel’s engineers to literally hacked the TDX hardware to determine 100% security. The scrutiny exercise is formally a cybersecurity audit led by the tech giants to discover more than eighty security relapses on the TDX hardware that raised less concern since Google Cloud is expertise in computing encrypted data.
“For me, that was surprising. I wasn’t expecting that we had such a vulnerability in our internal system. But I was super happy that this team caught it. It’s not that these are easy vulnerabilities for someone to tap into, but the fact that it’s there is not a good thing. So at least once we fix it then we can sleep better at night,” Anil Rao, Intel’s vice president and general manager of systems architecture and engineering, said.