hellwig :
"Much like TrustZone and other similar secure enclaves, you still have to trust the chip’s manufacturer that there’s no hidden way to look at that data."
Uh oh. Search for Intel Management Engine if you do trust Intel in this respect. You can hide it from the OS but you cannot hide it from the CPU, or the CPU's parasitic twin.
Not sure about that. I think Intel is more scared of content industry lawyers than of hackers going after their customers. So, features they added for DRM probably don't have backdoors.
BTW, for AMT running outside the CPU package, the SGX-protected memory is definitely encrypted. Even for SoCs which have it onboard, I think it's still encrypted. The SGX encryption/decryption should happen in the core performing the access. So, I think SGX should be safe from IME exploits.
Anyway, kudos to these guys for finding a good use for this DRM stuff.