Comment by charcircuit
10 days ago
Just because OpenSSL had a CVE posted about today, that didn't mean we should go back to use HTTP for the web.
10 days ago
Just because OpenSSL had a CVE posted about today, that didn't mean we should go back to use HTTP for the web.
It does mean we should recognize that SSL is nice for some basic privacy/security, but not perfect security.
Same with remote attestation. Not all implementations are actually secure. But hopefully over time those security bugs can be ironed out and the cost to extract a key be made infeasable.
Hopefully not. What you have just said is a synonym for "But hopefully over time manufacturers will be able to completely prevent users from running unapproved software."
3 replies →