A small sandbox isn't a full threat in the manner I laid out, just the same owner-is-hostile dynamic.
If attestation keys were only rooted in the processor itself (i.e. not signed by Intel/AMD) and users could load their own, the worthwhile properties of hardened hardware would be preserved without making the owner an enemy.