[pram]

From a paper in that article:

"Intel has recently added support for monotonic counters [5] as an optional SGX feature that an enclave developer may use for rollback attack pro- tection, when available. However, the security and per- formance properties of this mechanism are not precisely documented. We performed a detailed analysis of SGX counters and report our findings in Appendix B. To summarize, we found out that counter updates take 80-250 ms and reads 60-140 ms. The non-volatile mem- ory used to implement the counter wears out after ap- proximately one million writes, making the counter func- tionality unusable after a couple of days of continuous use. Thus, SGX counters are unsuitable for systems where state updates are frequent and continuous."

permanently breaks lol

[rkagerer]

How long until we see an SGX-damaging malware in the wild that simply eats up all the monotonic counters?

[eat_veggies]

Azure, IBM, and Alibaba clouds support SGX—anyone want to brick some monotonic counters?

[vladivstok]

SGX is disabled by default on most systems so it would have to be a very targeted malware

[rkagerer]

Truly disabled, or in the Software Controlled state?

[aseipp]

Your motherboard UEFI blob and chip both have to support it. The vast majority of systems are limited by the fact their UEFI implementation does not enable (or allow you to enable) SGX at all, and at least on my Ice Lake laptop, SGX was disabled out of the box in UEFI (in a non-software controlled state.)

[yrro]

Or ransomware that does so if the ransom is not paid. This can also be done with UEFI variable writes, since the flash where they are stored is... often not of the highest quality!

[throwaway2048]

I don't think many people care about their SGX functionality.

[thrwyoilarticle]

Have you not heard of PROM?

[eqvinox]

No problem, isn't it obvious?: instead of paying for electricity to mine blockchains, you now pay for new hardware! Protect the environment by filling Intel's pockets :D