Hacker News new | past | comments | ask | show | jobs | submit login

Software based is very vulnerable to the evil maid attack.

BTW, Google uses hardware-based security on all of their servers:

https://www.theregister.co.uk/2017/01/16/google_reveals_its_...




Ok, so you move from the "evil maid" reinstalling the OS to having to replace the CPU/whole computer. Yeah that definitely looks like an advantage.


Yes but you can detect that. The enclave can sign a statement that you could verify with a public key for that enclave. So if you replace the hardware there is no way to do that anymore as you cannot extract the private key from the original enclave.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: