Not to mention that no design is absolutely safe, and if security enclaves like Pluton get exploited to run a backdoor, it'll be a lot harder for end users to detect.
> these tiny parts usually run with high privileges and dramatically impact the overall system. In such cases, MTE/CHERI play pretty nicely - they help ensure that whatever bugs we have in these areas are killed at their root cause (probabilistically/deterministically). This is exactly why MSR, MSRC and Azure Silicon pushed for this AMAZING project of CheriIoT ... scaling CHERI down to RISC-V32E, the smallest core RISC-V specification. I'm very excited about this project, and I hope once we open-source the ISA and the prototype, more folks across the industry can join.
That is a direction that would benefit everyone: open silicon and open firmware for the most security-sensitive components. It is technically possible, and at least some humans in big companies understand the importance for future would-be-digital civilizations.