You also have to trust your VM host not to provide an emulated SGX (which is wha... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		regularfry on April 2, 2016 \| parent \| context \| favorite \| on: Reddit removed NSL canary from 2015 Transparency R... You also have to trust your VM host not to provide an emulated SGX (which is what https://github.com/sslab-gatech/opensgx is, unless I'm very much mistaken).

anonymousDan on April 8, 2016 [–]

I think you're mistaken. Intel provides infrastructure to ensure you're talking to an enclave running on an actual Intel machine, and you can then do a remote attestation to verify the contents of that enclave.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact