|
|
|
|
|
|
by Hizonner
742 days ago
|
|
|
That requires trusting that the attestation hardware does what it says it does, and that the larger hardware system around it isn't subject to invasion. Those requirements mean that your assurance is no longer entirely cryptographic. And, by the way, Apple apparently plans to be building the hardware. It could be a very large practical increase in assurance, but it's not what they're saying it is. |
|
|
It's a decent minimum bar that other companies should also be aiming for.
Edit: ref https://security.apple.com/blog/private-cloud-compute/