The primary security measure protecting most HSMs appears to be how much it costs to buy a frigging HSM.
-
-
@bascule@matthew_d_green Yeah, certification is the big problems, still convinced they have interesting actual security properties though. -
@lvh@matthew_d_green properties fulfilled by cheap YubiHSMs or even cheaper hardware tokens, IMO -
@bascule Hm. The issues I'm hearing re: *using* HSMs aren't price point. I thought@matthew_d_green was talking about *breaking* them. -
@bascule@matthew_d_green And an open source design for them could certainly cover the peer security review case :) -
@bascule@matthew_d_green (I am assuming that hiding backdoors in some specific silicon is easier than hiding one in every FPGA.)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.