On May 13, 2016 2:42 AM, "Dr. Greg Wettstein" wrote:
>
> On Sun, May 08, 2016 at 06:32:10PM -0700, Andy Lutomirski wrote:
>
> Good morning, running behind on e-mail this week but wanted to get
> some reflections out on Andy's well taken comments and concerns.
>
> > On May 8,
On Sun, May 08, 2016 at 06:32:10PM -0700, Andy Lutomirski wrote:
Good morning, running behind on e-mail this week but wanted to get
some reflections out on Andy's well taken comments and concerns.
> On May 8, 2016 2:59 AM, "Dr. Greg Wettstein" wrote:
> >
> >
> > This now
On Mon, May 09, 2016 at 08:27:04AM +0200, Thomas Gleixner wrote:
Good morning.
> > On Fri, 6 May 2016, Jarkko Sakkinen wrote:
> > I fully understand if you (and others) want to keep this standpoint but
> > what if we could get it to staging after I've revised it with suggested
> >
> This should
On Fri, May 6, 2016 at 4:23 AM, Jarkko Sakkinen
wrote:
> On Wed, Apr 27, 2016 at 10:18:05AM +0200, Ingo Molnar wrote:
>>
>> * Andy Lutomirski wrote:
>>
>> > > What new syscalls would be needed for ssh to get all this support?
>> >
>> > This
On Wed, Apr 27, 2016 at 10:18:05AM +0200, Ingo Molnar wrote:
>
> * Andy Lutomirski wrote:
>
> > > What new syscalls would be needed for ssh to get all this support?
> >
> > This patchset or similar, plus some user code and an enclave to use.
> >
> > Sadly, on current
On Fri 2016-05-06 01:52:04, Jarkko Sakkinen wrote:
> On Mon, May 02, 2016 at 11:37:52AM -0400, Austin S. Hemmelgarn wrote:
> > On 2016-04-29 16:17, Jarkko Sakkinen wrote:
> > >On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek wrote:
> > >>On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
> >
On Mon, May 02, 2016 at 11:37:52AM -0400, Austin S. Hemmelgarn wrote:
> On 2016-04-29 16:17, Jarkko Sakkinen wrote:
> >On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek wrote:
> >>On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
> >>>Intel(R) SGX is a set of CPU instructions that can be
Hi!
> Good morning, I hope everyone's day is starting out well.
:-). Rainy day here.
> > > In the TL;DR department I would highly recommend that anyone
> > > interested in all of this read MIT's 170+ page review of the
> > > technology before jumping to any conclusions :-)
>
> > Would you
On Tue, May 03, 2016 at 05:38:40PM +0200, Pavel Machek wrote:
> Hi!
Good morning, I hope everyone's day is starting out well.
> > I told my associates the first time I reviewed this technology that
> > SGX has the ability to be a bit of a Pandora's box and it seems to be
> > following that
On May 2, 11:37am, "Austin S. Hemmelgarn" wrote:
} Subject: Re: [PATCH 0/6] Intel Secure Guard Extensions
Good morning, I hope the day is starting out well for everyone.
> On 2016-04-29 16:17, Jarkko Sakkinen wrote:
> > On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek
On 2016-04-29 16:17, Jarkko Sakkinen wrote:
On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek wrote:
On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
Intel(R) SGX is a set of CPU instructions that can be used by
applications to set aside private regions of code and data. The code
On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek wrote:
> On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
> > Intel(R) SGX is a set of CPU instructions that can be used by
> > applications to set aside private regions of code and data. The code
> > outside the enclave is disallowed to
On Tue, Apr 26, 2016 at 09:00:10PM +0200, Pavel Machek wrote:
> On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
> > Intel(R) SGX is a set of CPU instructions that can be used by
> > applications to set aside private regions of code and data. The code
> > outside the enclave is disallowed to
On Apr 27, 2016 1:18 AM, "Ingo Molnar" wrote:
>
>
> * Andy Lutomirski wrote:
>
> > > What new syscalls would be needed for ssh to get all this support?
> >
> > This patchset or similar, plus some user code and an enclave to use.
> >
> > Sadly, on current
* Andy Lutomirski wrote:
> > What new syscalls would be needed for ssh to get all this support?
>
> This patchset or similar, plus some user code and an enclave to use.
>
> Sadly, on current CPUs, you also need Intel to bless the enclave. It looks
> like
> new CPUs
Hi!
> > > Preventing cold boot attacks is really just icing on the cake. The
> > > real point of this is to allow you to run an "enclave". An SGX
> > > enclave has unencrypted code but gets access to a key that only it can
> > > access. It could use that key to unwrap your ssh private key and
On Tue 2016-04-26 21:59:52, One Thousand Gnomes wrote:
> > But... that will mean that my ssh will need to be SGX-aware, and that
> > I will not be able to switch to AMD machine in future. ... or to other
> > Intel machine for that matter, right?
>
> I'm not privy to AMD's CPU design plans.
>
>
> But... that will mean that my ssh will need to be SGX-aware, and that
> I will not be able to switch to AMD machine in future. ... or to other
> Intel machine for that matter, right?
I'm not privy to AMD's CPU design plans.
However I think for the ssl/ssh case you'd use the same interfaces
> Replay Protected Memory Block. It's a device that allows someone to
> write to it and confirm that the write happened and the old contents
> is no longer available. You could use it to implement an enclave that
> checks a password for your disk but only allows you to try a certain
> number of
On Tue, Apr 26, 2016 at 12:41 PM, Pavel Machek wrote:
> On Tue 2016-04-26 12:05:48, Andy Lutomirski wrote:
>> On Tue, Apr 26, 2016 at 12:00 PM, Pavel Machek wrote:
>> > On Mon 2016-04-25 20:34:07, Jarkko Sakkinen wrote:
>> >> Intel(R) SGX is a set of CPU instructions
On Mon, Apr 25, 2016 at 10:53:52AM -0700, Greg KH wrote:
> On Mon, Apr 25, 2016 at 08:34:07PM +0300, Jarkko Sakkinen wrote:
> > Intel(R) SGX is a set of CPU instructions that can be used by
> > applications to set aside private regions of code and data. The code
> > outside the enclave is
On Mon, Apr 25, 2016 at 08:34:07PM +0300, Jarkko Sakkinen wrote:
> Intel(R) SGX is a set of CPU instructions that can be used by
> applications to set aside private regions of code and data. The code
> outside the enclave is disallowed to access the memory inside the
> enclave by the CPU access
22 matches
Mail list logo