I don't understand what this secures, with the exception of Dell's profit. If it... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nottorp on Sept 9, 2020 \| parent \| context \| favorite \| on: AMD PSB Vendor Locks EPYC CPUs for Enhanced Securi... I don't understand what this secures, with the exception of Dell's profit. If it locks the CPU to a certain manufacturer, all an attacker has to do is get an identical new system and swap the CPUs. Besides, what matters is the data on the storage. Is it encrypted with keys stored on the CPU? If it's not, how does this help?

stingraycharles on Sept 9, 2020 [–]

I may be wrong, but as far as I understand the most likely scenario it protects against is a tampered bootloader. Someone could inject malware in there and then the whole chain of trust of secure computing breaks.

nottorp on Sept 9, 2020 | [–]

Ok, that makes sense.

What does not make sense is that it's not optional.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact