Announcement

**skeevy420** · 28 January 2020, 09:15 AM

To hackers: Please exploit this and name it GOLF so we can TEE OFF to watch pirated copies of Caddyshack.

**Adarion** · 28 January 2020, 01:16 PM

They do not trust me, the end user. I cannot trust it - or them. The program(s) inside the PSP (or ME for that matter) is not trustworthy because it cannot be audited (or changed if faulty).
So why is everyone talking about "trust" when there is no such trust in this whole matter?

And I don't like some blob program in an obscure black box running kind of on ring minus something to mess around in my memory and possibly read keys and clear text and whatnot.

**Hibbelharry** · 28 January 2020, 01:37 PM

Originally posted by Adarion View Post

So why is everyone talking about "trust" when there is no such trust in this whole matter?

Trust does not just mean you have to trust that stuff, there are other parties to the game, too. Like your OS and its vendors, content providers,... Even if you as a user don't put any trust into it, there are still enough backers on the table.

**dwagner** · 28 January 2020, 03:40 PM

If one thing is for sure, then that is any closed source "trust"-something implementations by companies are not to be trusted, at all.

**madscientist159** · 28 January 2020, 06:30 PM

Originally posted by Adarion View Post

They do not trust me, the end user. I cannot trust it - or them. The program(s) inside the PSP (or ME for that matter) is not trustworthy because it cannot be audited (or changed if faulty).
So why is everyone talking about "trust" when there is no such trust in this whole matter?

And I don't like some blob program in an obscure black box running kind of on ring minus something to mess around in my memory and possibly read keys and clear text and whatnot.

Well said. The solution is simple -- don't buy x86! There are other architectures on the market with similar performance that don't abuse your trust in this manner.

Whenever an x86 vendor says "trusted", what they mean is that the computer is trusted to not be under your control. If you're paying for this privilege, don't. Recognize that it's somehow combining the worst of the lease and ownership worlds, that while you don't have control (thus the resources are effectively leased to you) you are still responsible to pay to replace any hardware that breaks. Win-win for the vendor, lose-lose for you, the consumer.

Did I mention OpenPOWER systems have an open source TEE that you load your own keys into as the root of trust, so you actually can trust it (and lock out Hollywood etc.)?

These x86 implementations, in contrast, have by design the vendor's keys as root of trust, permanently designed / fused into the CPU at manufacture. Any illusion of control of loading your own keys is only by delegation, basically the vendor has allowed you to (in some cases) further restrict their own restrictions they've imposed. Very different model than the OpenPOWER boxes.

Announcement

Linux 5.6 Crypto Code Brings The New AMD TEE Driver

Linux 5.6 Crypto Code Brings The New AMD TEE Driver

Comment

Comment

Comment

Comment

Comment