←back to thread

Private Cloud Compute Security Guide

(security.apple.com)
295 points djoldman | 1 comments | 06 Nov 24 13:48 UTC | HN request time: 0.256s | source
Show context
jagrsw ◴[06 Nov 24 14:25 UTC] No.42062732[source]
If Apple controls the root of trust, like the private keys in the CPU or security processor used to check the enclave (similar to how Intel and AMD do it with SEV-SNP and TDX), then technically, it's a "trust us" situation, since they likely use their own ARM silicon for that?

Harder to attack, sure, but no outside validation. Apple's not saying "we can't access your data," just "we're making it way harder for bad guys (and rogue employees) to get at it."

replies(5): >>42062974 #>>42063040 #>>42063051 #>>42064261 #>>42065655 #
1. SheinhardtWigCo ◴[06 Nov 24 17:20 UTC] No.42065655[source]
It was always "trust us". They make the silicon, and you have no hope of meaningfully reverse engineering it. Plus, iOS and macOS have silent software update mechanisms, and no update transparency.