
Oh, it's not quite that bad. You can run SGX code and work with encrypted data, including generating attestation messages. It's just that there's no way to verify those attestation messages yourself; you have to ask Intel to do it.

It's also worth noting that SGX can run in two modes. There's "debug mode", which provides absolutely no security because a debugger has complete access to the state of the enclave. And then there's "release mode", which requires a key that you can only obtain by signing a commercial agreement and NDA with Intel.
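The debug/release distinction above is visible to a relying party as a flag in the enclave's attested attributes. The following is an added example, not part of the comment or of Intel's SDK: a verifier-side policy check that rejects debug-mode enclaves. The function names are hypothetical, the sample input is constructed, and the check assumes the report body came from a quote whose signature has already been verified.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Layout of the SGX report body (sgx_report_body_t): 384 bytes,
 * with attributes.flags stored as a little-endian u64 at offset 48. */
#define REPORT_BODY_SIZE  384
#define ATTR_FLAGS_OFFSET 48
#define FLAG_INITTED 0x1ULL  /* enclave finished initialization */
#define FLAG_DEBUG   0x2ULL  /* debugger may read/write enclave memory */

enum policy_result {
    POLICY_ACCEPT = 0,
    POLICY_REJECT_DEBUG,
    POLICY_REJECT_UNINIT,
    POLICY_REJECT_MALFORMED
};

static uint64_t read_le64(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* Hypothetical helper: decide whether an attested enclave is acceptable.
 * Only meaningful after the quote signature has been validated. */
enum policy_result check_enclave_mode(const uint8_t *body, size_t len) {
    if (body == NULL || len != REPORT_BODY_SIZE) return POLICY_REJECT_MALFORMED;
    uint64_t flags = read_le64(body + ATTR_FLAGS_OFFSET);
    if (!(flags & FLAG_INITTED)) return POLICY_REJECT_UNINIT;
    if (flags & FLAG_DEBUG) return POLICY_REJECT_DEBUG; /* no confidentiality */
    return POLICY_ACCEPT;
}

/* Builds a constructed report body carrying only the given flags. */
enum policy_result check_sample(uint64_t flags) {
    uint8_t body[REPORT_BODY_SIZE] = {0};
    for (int i = 0; i < 8; i++)
        body[ATTR_FLAGS_OFFSET + i] = (uint8_t)(flags >> (8 * i));
    return check_enclave_mode(body, sizeof body);
}

int main(void) {
    printf("release enclave: %d\n", check_sample(0x5)); /* INITTED|MODE64BIT */
    printf("debug enclave:   %d\n", check_sample(0x7)); /* adds DEBUG */
    return 0;
}
```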




Why the hell would Intel require an NDA to give you the private key?

That's shady af.


It's not actually an NDA (I've signed it). You have to agree to not use SGX to make un-debuggable malware.



