Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FAQ answer should be not be single-vendor-specific #11

Open
dthaler opened this issue Apr 25, 2020 · 0 comments
Open

FAQ answer should be not be single-vendor-specific #11

dthaler opened this issue Apr 25, 2020 · 0 comments
Assignees
@cetola

Comments

@dthaler
Copy link

dthaler commented Apr 25, 2020

https://confidentialcomputing.io/faq/ has the question "Can this technology/confidential computing be used for nefarious purposes? How will the CCC protect against this?"

But the answer calls out Intel in particular with "There are research experiments that have been probing Intel-based enclave technologies". This should be replaced by language that is not Intel specific, as there have also been experiments probing other TEE technologies (e.g., here and here).

In addition, the FAQ answer doesn't really address the core question of ways TEEs might be misused, such as are suggested here and here. That is, can a TEE be used to hide malware from virus scanners. The answer is basically that the "authenticated launch" property mentioned in the whitepaper-in-progress would prevent such misuse.
@cetola cetola self-assigned this Apr 25, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cetola cetola

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cetola @dthaler