So, a bunch of us were talking about secure hosting in Tunis. At one point in a side conversation, PrivateCore came up as a tool that might be interesting when you're looking at aggressive malware. It's designed to allow you to perform certain kinds of secure computations in a context where you can't trust anything off the CPU die, including your north bridge or main memory, while still allowing you to use commodity x86 hardware. This is interesting, as CPU packages are relatively more expensive to tamper with than complete boards are, and represent a smaller (the smallest possible?) target when looking at issues like firmware rootkits.

Sadly, their available online documentation doesn't make it clear how the initial keying is performed; e.g., are they relying on secrets already baked into the chip or using some initialization process? If the latter, how do they guarantee a trusted path to the chip during initialization, and if the former, how do they ensure that the secret is actually secret to all parties but the initializer? If anyone knows more about them, I'd be quite interested to hear it.
(There's a larger issue of their technology not being open source, for our context, but that's a separate issue.)

E.

--
Ideas are my favorite toys.
