by mindslight
2236 days ago
I was speaking to the general concern. A small sandbox isn't a full threat in the manner I laid out, just the same owner-is-hostile dynamic. If attestation keys were only rooted in the processor itself (i.e. not signed by Intel/AMD) and users could load their own, the worthwhile properties of hardened hardware would be preserved without making the owner an enemy.