On Tue, May 03, 2016 at 05:38:40PM +0200, Pavel Machek wrote: > Hi! Good morning, I hope everyone's day is starting out well. > > I told my associates the first time I reviewed this technology that > > SGX has the ability to be a bit of a Pandora's box and it seems to be > > following that course. > Can you elaborate on the Pandora's box? System administrator should > be able to disable SGX on the system, and use system to do anything > that could be done with the older CPUs, right? Correct, there is certainly the on/off switch. I viewed it as a Pandora's box secondary to the fact that it was the first commodity based shrouded TEE that had the opportunity for significant market penetration. As such and secondary to its technical characteristics, it has the potential for both good and bad and like TXT in the last decade it was/is bound to induce significant debate secondary to software freedom and potential monopolistic practices. > > Intel is obviously cognizant of the risk surrounding illicit uses of > > this technology since it clearly calls out that, by agreeing to have > > their key signed, a developer agrees to not implement nefarious or > > privacy invasive software. Given the known issues that Certificate > Yeah, that's likely to work ... not :-(. "It is not spyware, it is > just collecting some anonymous statistics." The notion that an enclave can look out but could not be looked into introduces privacy issues into the conversation, see my reflections on Pandoras box... :-) > > domination and control. They probably have enough on their hands with > > attempting to convert humanity to FPGA's and away from devices which > > are capable of maintaining a context of exection... :-) > Heh. FPGAs are not designed to replace CPUs anytime soon... And > probably never. Never is a long time. Intel has clearly drawn a very significant line in the sand with respect to FPGA technology if you read Krzanich's reflections regarding his re-organization of Intel. Whether or not they are successful, they are going to declare a demarcation point with respect to IOT devices which has the potential to impact the industry in general and security in particular. On one side are going to be FPGA based devices and on the other side devices with a context of execution. I doesn't require a long stretch of the imagination to see hordes of IOT devices with specific behaviors burned into them which export sensor or telemetry data upstream. Depending on how successful they are with the Altera acquisition there are potentially positive economic security factors which could be in play. All of that is certainly not a conversation specific to SGX though. > > In the TL;DR department I would highly recommend that anyone > > interested in all of this read MIT's 170+ page review of the > > technology before jumping to any conclusions.... :-) > Would you have links for 1-5? First off my apologies to the list as I loathe personal inaccuracy, the MIT review paper is only 117 pages long. I was typing the last e-mail at 0405 in the morning and was scrambling for the opportunity to get 50 minutes of sleep so my proofreading was sloppy... :-) The following should provide ample bedstand reading material for those interested in SGX and TEE's: 1.) HASP/SGX paper: https://software.intel.com/sites/default/files/article/413939/hasp-2013-innovative-technology-for-attestation-and-sealing.pdf 2.) IAGO threat model: https://cseweb.ucsd.edu/~hovav/dist/iago.pdf 3.) Haven paper: http://research.microsoft.com/pubs/223450/osdi2014-haven.pdf 4.) Controlled sidechannel attacks: http://research.microsoft.com/pubs/246400/ctrlchannels-oakland-2015.pdf https://software.intel.com/en-us/blogs/2015/05/19/look-both-ways-and-watch-out-for-side-channels 5.) MIT/SGX analysis: https://eprint.iacr.org/2016/086.pdf > Thanks, > Pavel No problem, enjoy the reading.... :-) Have a good day. Greg As always, Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC. 4206 N. 19th Ave. Specializing in information infra-structure Fargo, ND 58102 development. PH: 701-281-1686 FAX: 701-281-3949 EMAIL: greg@xxxxxxxxxxxx ------------------------------------------------------------------------------ "One problem with monolithic business structures is losing sight of the fundamental importance of mathematics. Consider committees; commonly forgotten is the relationship that given a projection of N individuals to complete an assignment the most effective number of people to assign to the committee is given by f(N) = N - (N-1)." -- Dr. G.W. Wettstein Guerrilla Tactics for Corporate Survival -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html