• ByteSize
  • Posts
  • TEE.Fail + VPN.Fail + Bullet.Fail

TEE.Fail + VPN.Fail + Bullet.Fail

INSIDE: Stock market goes brrr for NVIDIA, Jamf gets acquired, and spyware drama that would make Netflix jealous...

November 04, 2025 • Estimated Reading Time: 10 minutes

In partnership with

It’s Tuesday, November 4! Today, the NYC mayor gets picked. You, meanwhile, have to pick between 14 open tabs and 1 brain cell…

On this day in 1952, Remington Rand put their UNIVAC computer on live TV to predict the 1952 presidential election. UNIVAC nailed Eisenhower's landslide victory after just 3 million votes. The stunt worked brilliantly—people started calling all computers "UNIVACs," it landed on Superman comics, and sparked the election prediction industry. Today, we have AI that struggles with basic counting but can write poetry about server downtime. Progress!

The Internet Still Breaks for the Most Ridiculous Reasons

Cloudflare's Q3 disruption report reads like a global disaster compilation that would make Michael Bay jealous. Between July and September, the internet went down for reasons that range from predictably dystopian to hilariously absurd.

The "greatest hits" include Iraq, Syria, and Sudan shutting down the entire internet during exam season to prevent cheating. (Apparently, the nuclear option is the only way to stop kids from Googling answers.) Syria even bragged about dismantling "organized exam cheating networks using advanced electronic technologies," which sounds way more dramatic than "we unplugged the Wi-Fi."

Then there's the infrastructure mess: a stray bullet in Dallas took out Spectrum's fiber for two hours (USA! USA! USA!), simultaneous cable cuts in the Red Sea hit the UAE and Pakistan, and a fire at Egypt's central exchange knocked out Vodafone and Orange services. An 8.8-magnitude earthquake in Russia's Kamchatka Peninsula dropped traffic by 75% across multiple networks, proving that Mother Nature is still the ultimate DDoS attack.

The crown jewel belongs to a Starlink global outage blamed on "failure of key internal software services." Even Elon's space internet can't escape good old-fashioned software bugs. At least when your terrestrial internet fails, you can't blame orbital mechanics.

TEE.Fail: When "Confidential Computing" Meets Reality

Remember when Intel, AMD, and NVIDIA promised us "Trusted Execution Environments" that would keep our secrets safer than the CIA's? Well, researchers from Georgia Tech and Purdue just dropped TEE.Fail. A more apt name would be “TEEhee.Fail” (˵ ¬ᴗ¬˵) . It’s a side-channel attack that turns those promises into the tech world's most expensive whoopee cushion.

The attack works by eavesdropping on DDR5 memory buses with less than $1,000 in hobbyist equipment. It's like putting a wiretap on your RAM, except instead of needing NSA-level resources, you just need the electronics budget of a decent gaming setup.

The researchers successfully extracted signing keys from Intel SGX, Intel TDX, and AMD SEV-SNP by exploiting deterministic AES-XTS encryption. They can forge legitimate attestations, steal private keys, and basically turn your "confidential computing" into "please-trust-us computing."  It even works when AMD's "Ciphertext Hiding" security option is enabled.

Intel, AMD, and NVIDIA's response is essentially "we know, we're working on it," which translates to "physical access attacks are out of scope for our threat model." So your million-dollar secure enclave is only as good as your door locks. Yay!

VPNs: Now So Complex They Make You Less Secure

Cyber insurance provider At-Bay just delivered the plot twist nobody wanted: companies using Cisco and Citrix VPNs are 6.8 times more likely to get ransomware'd. Plot twist within a plot twist: It's not because the products suck, but because they've become so complex that operating them securely requires a PhD in "advanced not-getting-pwned."

Modern VPNs have evolved from simple tunneling tools into next-generation firewalls that combine VPN, firewall, router, and proxy functions into one beautiful, attack-surface-expanding monolith. The report notes that 80% of ransomware attacks started with remote access tools, and 83% of those involved VPN devices. At-Bay's Chief Information Security Officer (CISO, but you know that lol) puts it perfectly: traditional on-premise VPNs are "too difficult for most companies to operate securely."

The solution here is moving to cloud-based SASE products or invest heavily in "continuous maintenance, configuration management, and timely patching.” (AKA hire more people who understand this Frankenstein's monster you've created.)

⚙️ TOOL TIME

Realtime User Onboarding, Zero Engineering

Quarterzip delivers realtime, AI-led onboarding for every user with zero engineering effort.

✨ Dynamic Voice guides users in the moment
✨ Picture-in-Picture stay visible across your site and others
✨ Guardrails keep things accurate with smooth handoffs if needed

No code. No engineering. Just onboarding that adapts as you grow.

👨‍💻 JOB OPPORTUNITIES

They want someone to "own, create, and execute a strategic vision" and "challenge the status quo." In other words, they need someone to fix everything while pretending it was always part of the plan. Must have experience with ServiceNow and Jamf.

An entry-level position perfect for someone who enjoys "imaging and configuring computers" and "maintaining IT imaging and storage areas." Basically, you'll be the person who makes sure new hires can log into their laptops without crying. Requires a high tolerance for help desk tickets.

They need someone to provide "white glove support to C-level executives" and participate in "on-call rotation schedules." Warning: This job involves being available when the CEO's PowerPoint crashes at 2 AM.

They want someone to "define the technical strategy for digital commerce and influencer platforms." So, you'll be the person who has to explain why the cookie company's influencer management platform keeps crashing during National Cookie Day campaigns. Salary range: enough to buy A LOT of cookies.

🛩 INDUSTRY MOVES

  • NVIDIA officially hit $5 trillion in market value, making it the world's first company to reach this milestone. Shares jumped after announcing a $1 billion Nokia partnership and Trump's mention of potentially discussing AI chip exports with China. Meanwhile, their stock’s in orbit and my laptop just burst into flames trying to render a JPEG.

  • UK ISP provider Zen Internet lost an employment tribunal appeal after unfairly dismissing their former CEO Paul Stobart. Apparently, even when you have legitimate grounds to fire someone for not meeting targets, you can’t just CTRL + ALT + DEL your CEO like a corrupted PDF.

  • Apple device management platform Jamf is going private in a $2.2 billion all-cash deal with Francisco Partners. The company will continue operating under the same name from Minneapolis—now backed by $2.2B and still unable to locate your AirPods.

  • The CEO of spyware maker Memento Labs, Paolo Lezzi, confirmed that one of their government customers got caught using their malware. He blamed the customer for using "an agent that was already dead," and said they've been telling everyone to stop using their Windows spyware since December. So basically: “Yes, we sold the grenade, but we said not to pull the pin!”

Chip here, your friendly ByteSize mascot! I've been crawling through the support forums so you don't have. Here's what's keeping everyone up at night:

That’s all for now—unless you open Slack. Then it’s not!

Don’t forget to stay paranoid, stay patched, and keep those backup strategies tested. Because somewhere out there, a stray bullet or software update is waiting to ruin your day.

Got news to share or topics you'd like us to cover? Send ‘em our way. We can’t wait to hear from you. Really.