We need fully bootstrapping libre hardware avoiding the trusting trust problem YESTERDAY. If we had that, this entire load of problems would disappear and becomes one of cryptographically certified agent-to-agent, end-to-end trust provenance attesting.
The entire concept of a "compromisable system" only exists because we let the industry get away with closed hardware bullshit and because we put our fingers in our ears and go "LALALALALA CAN'T HEAR YOU" whenever someone brings up the trusting trust problem.
I suspect we do that because it, for quite a while now, has let us avoid confronting the age old philosophical questioning of the risks & uncertainties of inter- & intrapersonal placement & position of trust & doubt.
Quite similar to how philosophers tend to pack up and run away screaming any time someone brings up the Münchhausen trilemma, because, to quote rationalwiki:
"it breaks the legs of philosophy, science, and any other possible approach to reality."
1. https://twitter.com/BRIAN_____/status/1074541770782892032
2. https://foreshadowattack.eu/
3. https://twitter.com/bascule/status/1085087004352602112
4. https://github.com/jovanbulck/sgx-step
Any many more.
SGX is a hamfisted pseudo-solution better solved properly by going to the roots of the nightmare landscape of trust issues:
http://bootstrappable.org/
http://langsec.org/occupy/
We need fully bootstrapping libre hardware avoiding the trusting trust problem YESTERDAY. If we had that, this entire load of problems would disappear and becomes one of cryptographically certified agent-to-agent, end-to-end trust provenance attesting.
The entire concept of a "compromisable system" only exists because we let the industry get away with closed hardware bullshit and because we put our fingers in our ears and go "LALALALALA CAN'T HEAR YOU" whenever someone brings up the trusting trust problem.
I suspect we do that because it, for quite a while now, has let us avoid confronting the age old philosophical questioning of the risks & uncertainties of inter- & intrapersonal placement & position of trust & doubt.
Quite similar to how philosophers tend to pack up and run away screaming any time someone brings up the Münchhausen trilemma, because, to quote rationalwiki:
"it breaks the legs of philosophy, science, and any other possible approach to reality."