Hacker News new | ask | show | jobs
by alias_neo 1993 days ago
Thanks for that. I had a quick look through their blog but couldn't find anything to reference.

It's been a few months since I worked with their codebase but at the time it relied on Intel SGX for the contact storage Enclave, which is now considered compromised[0]. Additionally, if you wanted to run your own, the requirements to get licensed to use the Enclave are non-trivial.

Opinions are my own, I represent no one, etc, etc.

[0]https://arstechnica.com/information-technology/2020/03/hacke...
1 comments
Vinnl 1993 days ago
Yeah I think that's still true. That said, as I understand it, the enclave is used as "proof" that they're running the server-side code they say they do (which should be protecting the data), not the data itself. I could definitely be wrong there though.
link
alias_neo 1993 days ago
Yes, that's how I understand it to work; TEE (Trusted Execution Environment).
link