Reply to post:

Intel SGX 'safe' room easily trashed by white-hat hacking marauders: Enclave malware demo'd

Blazde

If the interface between any security domains is well enough constrained then it's secure. The central problem is that if you can gain even a few bits of flexibility over unintended control flow then it's highly likely you can leverage it to usurp the Turing machine in a universal way, and run whatever you like. All the ASLR/stack canary/etc technology complicates the task greatly but raises the theoretical bar hardly at all.

Almost all Turing machines are universal, yet when we create a secure system we're trying to find a (usually very) complex machine which is *not* universal. It's an almost unimaginably impossible task.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019