
Intel SGX Enclaves Support For Linux Sent Out For A 29th Time


  • Intel SGX Enclaves Support For Linux Sent Out For A 29th Time

    Phoronix: Intel SGX Enclaves Support For Linux Sent Out For A 29th Time

    Going on since 2016 has been the long-running effort to get Software Guard Extensions (SGX) support into the mainline Linux kernel. Sent out this week were the SGX foundation patches for the twenty-ninth time as the work gets into shape for upstream acceptance...

    http://www.phoronix.com/scan.php?pag...tions-29-Linux

  • #2
    They sure took the "If at first you don't succeed, try, try, try again" to the extreme.
    I'm not sure Hickson's idea was that the 29th time's a charm, though.



    • #3
      Please stop already... After the LVI thing, what's the point of this anymore...


      2050: "Intel SGX Enclaves Support For Linux Sent Out For A 200th Time"



      • #4
        Intel's SGX issues tend to lend considerable weight to IBM's assertion many years ago that trusted enclaves like TPM, SGX, TrustZone, etc. won't stand up to anyone who is sufficiently motivated and has physical access to the hardware - or even remote access if they are highly skilled and well funded, e.g. Spectre.

        Not to say we shouldn't try to make computing secure (as possible), only that we should never assume some technology will make systems so secure they can't be broken (like the drek DRM maximalists push.)
        Last edited by stormcrow; 04-26-2020, 05:14 PM.



        • #5
          Well, there are some things that stand up to the task. Like smartcards or the TPM modules. Sure, the processes around them were broken and there were issues with weak keys, but the core system is so simple (verifying a signature or signing something) that it is extremely unlikely to be broken.



          • #6
            I'm fine with it, as long as I can configure it to not hide memory and such from me. I should always be in complete control of all the software that runs on my computer. At least, let me pretend it's here...
