[rasengan]

> Any network protocol can be spoofed, with varying degrees of difficulty.

Because of the cryptographic verifications, the communication cannot be spoofed.

[junon]

Pray tell how a black box peer can validate its not had its private keys cloned?

[immibis]

Because the code doesn't have any code to clone private keys.

The trust chain ends with you trusting Intel to only make CPUs that do what they say they do, so that if the code doesn't say to clone a private key, it won't.

(You also have to trust the owners to not correlate your traffic from outside the enclave, which is the same as every VPN, so this adds nothing)

[rasengan]

The first part is definitely true.

The second part in terms of correlations is untrue since we include a number of techniques to frustrate timing attacks among other things.

[immibis]

There's also the factor of why should we trust the person who destroyed Freenode while telling everyone he was actually saving it from the evil people who were trying to steal it from him? That's a liability. He might sell all our traffic logs to some evil entity while claiming he's just protecting us.

[rasengan]

It would probably make sense to look into details before parroting false narratives.

Additionally, if you’re still talking about trust it means you don’t understand the technical implications of this.