1 |
On Thu, Feb 25, 2016 at 2:06 PM, Mick <michaelkintzios@×××××.com> wrote: |
2 |
> On Wednesday 24 Feb 2016 19:08:42 Rich Freeman wrote: |
3 |
>> On Wed, Feb 24, 2016 at 4:05 AM, Frank Steinmetzger <Warp_7@×××.de> wrote: |
4 |
>> > Well my concern was more that SGX would provide leverage for even more |
5 |
>> > eavesdropping, rather than prohibit it. |
6 |
>> |
7 |
>> Yeah, I'm one of those persons who tends to consider most fears of |
8 |
>> TPMs and UEFI overblown, but these CPUs that almost have independent |
9 |
>> CPUs inside with full RAM+hardware access which are secured against |
10 |
>> the main CPU do concern me quite a bit. |
11 |
> |
12 |
> You have to see this from a demand angle of the computing market. I suspect |
13 |
> Intel is just responding to market demand for 'better security'. For big |
14 |
> corporates better security means protection from internal (employees) as well |
15 |
> as external threats. Most CIOs would sleep comfortably in the thought that |
16 |
> they can blame Intel when things go sideways and try to keep their jobs among |
17 |
> the blame-fest and ricochets that ensues. Of course our concept of security |
18 |
> (who we trust with our computing) is orthogonal to your average CIO's out |
19 |
> there who are invariably acting as a procurement agent. Dare I observe, we do |
20 |
> not really feature as a target market for Intel. |
21 |
> |
22 |
|
23 |
All they need to do is provide the private key associated with the CPU |
24 |
to the owner upon purchase. In the case of a corporate computer, the |
25 |
corporation gets the keys to the PC. |
26 |
|
27 |
Most people wouldn't bother making any use of the key. However, those |
28 |
who are interested could sign libreboot or whatever with it and now |
29 |
they have full control over their PC. Indeed, they could then use |
30 |
that control to ensure that nobody else goes tampering with their PC, |
31 |
which is in fact the intended purpose of this feature anyway. |
32 |
|
33 |
The problem is that Intel's solution effectively gives them a |
34 |
back-door into everybody's PC. |
35 |
|
36 |
-- |
37 |
Rich |