Comment by 7e
4 months ago
"All three chipmakers exclude physical attacks from threat models for their TEEs."
So, working as intended.
I would think that having TEE means that you can run secure software on unsecured hardware, if that's not the case, then what's the point of TEE in the first place?
If I have my hardware under lock and key in my house, this lets me only trust the CPU vendor and not the software stack running on my computer when I try to verify that it is running exactly the workload that I intended. With a third party, if I trust you not to tamper with your hardware, this lets both of us remove the people who wrote the hypervisor from our trust base.