amanfromMars 1 Tue 4 Sep 06:48  …. spilling sensitive and/or sensible secrets and saying more on https://forums.theregister.co.uk/forum/1/2018/08/31/keystone_secure_enclave/
That’s the Surreal Gift which just keeps on Giving, AC ….. Sublime Alien Progress.
That’s not say an open source secure element would be immune to such problems, but an open specification with source code would be more trustworthy because it could be scrutinized.
Hmm well, as we’ve seen before it does actually require someone to read, comprehend and scrutinise it. There’s a lot of people out there who wrongly assume that open source software has been reviewed, when in practice it’s unlikely to have been thoroughly looked at.
Given that the number of people who can review chip designs is even smaller than the number of competent software engineers, I don’t hold up much hope for this getting sufficient attention. …… Anonymous Coward
The Fly in the Ointment which are as the Elephants in the Rooms Supplying Endless SMARTR* Opportunities for Ruthless Exploitation and Further Fundamental Base and Radical Speculative Experimental Development in Systemic Vulnerabilities with Ineffective Patches is …. there are only a very few and not a lot of people out there able/enabled to read, comprehend and scrutinise source code specifications worthy of Secure IntelAIgent Servers Trailing and Trialing Advanced IntelAIgent Services such as would be Future News and Views Today.
And if you think that is impossible, are you not clearly thinking when practically anything is virtually possible and vice versa and we imagine and create the unimaginable.
And be in no doubt, it receives overwhelming leading attention … given what it cannot not do.
* … SMARTR Mentored Analysis Reporting Titanic Research.