
@mplammers@fosstodon.org their technique requires hardware access (look at all those wires and relays!), although other fault injection papers have demonstrated remote vulnerabilities through unprotected channels to the onboard voltage regulators. Plundervolt, for instance, causes faults in SGX enclaves and leaks key material plundervolt.com/

@th @mplammers It's kind of fun, it does need physical access - although only SPI+VR+PSU reset; but does need a few hours' access - but then you walk away with what you need; it's kind of the opposite of the other attack this week, which doesn't need physical access but you suck a few bits at a time.
