by jsolson
359 days ago
In my world, we won't let a system boot with production credentials unless the IOMMU is enabled. This is enforced by a greatly enriched TPM (and its willingness to unwrap credentials). We have to trust several layers of firmware and OS software, but the same mechanism allows us to ensure that known-bad versions of those aren't part of the stack that booted. If I wanted secure games (and the market would tolerate it), I'd push for enforcement of something similar in the consumer space.