| ▲ | esseph 5 hours ago | |
But can you trust the hardware encryption to not be backdoored, by design? That's my point, this sounds like a way to create a backdoor for at-rest data. | ||
| ▲ | jayd16 2 hours ago | parent | next [-] | |
By design, you don't trust it. You never hand out the keys so there's no secret to back door. The task is never unencrypted, at rest or otherwise. | ||
| ▲ | cassonmars 5 hours ago | parent | prev | next [-] | |
You can if the manufacturer has a track record that refutes the notion, and especially if they have verifiable hardware matching publicly disclosed circuit designs. But this is Intel, with their track record, I wouldn't trust it even if the schematics were public. Intel ME not being disable-able by consumers, while being entirely omitted for certain classes of government buyers tells me everything I need to know. | ||
| ▲ | bilekas 5 hours ago | parent | prev | next [-] | |
> That's my point, this sounds like a way to create a backdoor for at-rest data. I get the feeling honestly it seems more expensive and more effort to backdoor it.. | ||
| ▲ | anon291 an hour ago | parent | prev [-] | |
Well yeah... You do the initial encryption yourself by whatever means you trust | ||