Hacker News new | comments | show | ask | jobs | submit login

Thank you for that, and I hope that the people who keep arguing "if you can't trust your hardware, you can't trust anything, so we may as well just blindly trust the hardware" keep this in mind.

A bug deliberately introduced in an AES instruction, or in general purpose instructions that detects crypto operations and leaks information somehow, is much, much harder to implement and hide than a pseudo-random number generator that passes all tests that you apply to it, but produces predictable output for someone who knows some secret key.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: