Haha that requires total hardware access to the poinr where you have to take out motherboard out of the server. Kinda useless as real world security vulnerability.

This isn't a flaw in SGX, and I bet if they did the same thing to an Epyc part they could easily crack its memory encryption with similar techniques.

I bet the envisioned threat model for the attack is the owners of the hardware breaking DRM that's relying on SGX to secure the decryption process.

And you call this "attack"? lol

True, big media is the one most scared by this attack. Pretty sure they'll disable 4K and even HD playback on Intel GPUs now.

This. Breaking SGX while it's enabled is relevant because SGX is actually trying to provide "security" of DRM and against the user. SGX security is actually potentially harmful to users, as it's meant for making closed-source blobs even harder to inspect or tamper with.

Those who dismiss this attack based on the fact that it requires physical hardware forget what the Intel SGX spec was designed for (or against)

"The code and data in the enclave utilize a threat model in which the enclave is trusted but no process outside it can be trusted (including the operating system itself and any hypervisor), and therefore all of these are treated as potentially hostile." - Wikipedia

The SGX assumes the OS can be compromised which is why root-level access on intel's undervolt utilities is a valid attack in this threat model. I am sceptical of their claims and threat model because protecting against OS-level exploits is a huge attack surface and many other components can be used to extract information. Not to mention SGX essentially needs to protect from all physical threats aswell as it is meant as additional security in cloud based systems (Why else wouldn't you trust the OS?) all while being able to call from userspace.

That is, untill wine/linux adds a syscall to emulate SGX. SGX should only work when cloud providers are honest enough to provide SGX and disable the intel undervolt utility from root access.

Not really, imagine trying to access the encrypted content of a stolen laptop...