Comment by Aachen
2 days ago
Fair enough. I would just interpret this as an exaggeration / way of speaking. In the end you always have to trust someone, be it Mullvad's reputation, be it an auditor, be it a hardware vendor
Good comparison about the SGX contact discovery though, although Signal could afaik use one of the known SGX bugs to get our data anyway, or collude with Intel who has the private keys, so you trust third parties there as well
No comments yet
Contribute on Hacker News ↗