Why only Macs? If we think of all PCs and mobile phones running idle, the potential is much larger.

From the paper: https://github.com/Layr-Labs/d-inference/blob/master/papers/...

> Apple’s attestation servers will only generate the FreshnessCode for a genuine device that checks in via APNs. A software-only adversary cannot forge the MDA certificate chain (Assumption 3). Com- bined with SIP enforcement (preventing binary replace- ment) and Secure Boot (preventing bootloader tampering), this provides strong evidence that the signing key resides in genuine Apple hardware.

	▲	saagarjha an hour ago \| parent [-]
		I am not entirely sure they understand that System Integrity Protection and Secure Boot can be turned off.

▲

nl 3 hours ago | parent | prev | next [-]

They use the Apple TEE which they claim also protects GPU memory (I wasn't aware of this).

NVidia data center GPUs have a similar path, but not their consumer ones. Not sure about the NVidia Spark.

It's possible AMD Strix Halo can do this, but unlikely for any other PC based GPU environments.

	▲	MrDrMcCoy 3 hours ago \| parent [-]
		Epyc has that VM encrypted memory thing, which comes pretty close. It does raise an interesting question, though: would a PCIe card passed through to a VM be able to DMA access the memory of neighboring devices?

▲

stryakr 3 hours ago | parent | prev [-]

simple first target, PCs have more variability