Hi
user
Admin Login:
Username:
Password:
Name:
Betrusted: Better Security Through Physical Partitioning
--client
lca
--show
lca2020
--room arena 15177 --force
Next: 1 Tensorflow on open source GPUs
show more...
Marks
Author(s):
bunnie, Sean "xobs" Cross, Tom Marble
Location
Arena
Date
jan Fri 17
Days Raw Files
Start
13:30
First Raw Start
error-in-template
Duration
0:45:0
Offset
None
End
14:15
Last Raw End
Chapters
Total cuts_time
None min.
https://lca2020.linux.org.au/schedule/presentation/37/
raw-playlist
raw-mp4-playlist
encoded-files-playlist
mp4
svg
png
assets
release.pdf
Betrusted_Better_Security_Through_Physical_Partitioning.json
logs
Admin:
episode
episode list
cut list
raw files day
marks day
marks day
image_files
State:
---------
borked
edit
encode
push to queue
post
richard
review 1
email
review 2
make public
tweet
to-miror
conf
done
Locked:
clear this to unlock
Locked by:
user/process that locked.
Start:
initially scheduled time from master, adjusted to match reality
Duration:
length in hh:mm:ss
Name:
Video Title (shows in video search results)
Emails:
email(s) of the presenter(s)
Released:
has someone authorised pubication
Unknown
Yes
No
Normalise:
Channelcopy:
m=mono, 01=copy left to right, 10=right to left, 00=ignore.
Thumbnail:
filename.png
Description:
markdown
The condensation of virtually everything into a single device -- the smartphone -- has normalized deviant behaviors that create security risks. For example, many smartphone users conduct secure transactions while juggling several other apps, thus creating opportunities for adversaries to exploit human error. Furthermore, running both secure and insecure code on a common CPU increases the risk of exposing user secrets thanks to microarchitectural side channels -- a large, complex, and opaque attack surface. System architects have introduced "secure enclaves" as a technique to minimize the attack surface between sensitive secrets and an untrusted CPU. In theory, secret key material never leaves the perimeter of the enclave – keys are generated and stored permanently within the enclave. Regardless of the implementation details, secure enclaves inevitably rely on an untrusted CPU to relay messages to the user. This is because there is typically just one screen and keyboard presented to the user, and these elements are directly connected to the untrusted CPU. Thus, secure enclaves can only protect keys from being compromised; they cannot protect the data itself from compromise. This talk introduces Betrusted, a device designed to partition a set of secure applications into a physically separate device that is designed using security-first principles: the hardware is simple, open source, and is user-verifiable from the keyboard to the LCD. Putting secure apps on a separate screen also helps users focus on their secure transactions, while minimizing attack surfaces and eliminating microarchitectural sidechannels. The Betrusted project’s scope will eventually range from secure silicon all the way to application layer code, and we are looking for developers of all stripes who are interested in contributing to the project.
Comment:
production notes
Rf filename:
root is .../show/dv/location/, example: 2013-03-13/13:13:30.dv
Sequence:
get this:
check and save to add this
Veyepar
Video Eyeball Processor and Review