|
|
|
|
|
|
by johncolanduoni
2234 days ago
|
|
|
You could apply the same logic to cryptographic systems themselves; we have very few absolute proofs of security properties for the cryptography we use for TLS and the like, so they are “imperfect” and may be vulnerable and therefore are snake oil. However I doubt you’d feel indifferent about whether a website you are sending your credit card number to uses HTTPS and stores your payment information encrypted at rest. |
|
|
The TLS vs SGX is a particularly bad comparison. SGX's internal design was not even published, let alone reviewed; and it already had multiple bad exploits. The TLS design and code has been reviewed by a multiple cryptographers, and the algorithm itself (not implementation) is unbroken.