| ▲ | Reddit_MLP2 2 hours ago | |
but if the host OS is already comprised, what is the point of sandbox inside of it? | ||
| ▲ | necovek an hour ago | parent [-] | |
Maybe we need secure attestation for sandbox to be protected against compromised host :) It does sound hard, and might need to employ homomorphic encryption with hw help for any memory access after code has been also verifiably unaltered through (uncompromised) hw attestation. | ||