ForumsEpisode Guide
Register
SGX and Unbreakable DRM
Filter mode:
Topics
(null topic)
Media
🗪Chat Comment
🗩Speech🟉
🎭
🏟
Credits
Host
Casey Muratori
Annotator
Matt Mascarenhas
?
?

Keyboard Navigation

Global Keys

[, < / ], > Jump to previous / next episode
W, K, P / S, J, N Jump to previous / next marker
t / T Toggle theatre / SUPERtheatre mode
z Toggle filter mode V Revert filter to original state

Menu toggling

q Quotes r References f Filter c Credits

In-Menu Movement

a
w
s
d
h j k l


Quotes and References Menus

Enter Jump to timecode

Quotes, References and Credits Menus

o Open URL (in new tab)

Filter Menu

x, Space Toggle category and focus next
X, ShiftSpace Toggle category and focus previous
v Invert topics / media as per focus

Credits Menu

Enter Open URL (in new tab)
0:18AndrewJDR Can you explain how this Intel SGX thing allows for "unbreakable DRM" for applications (kind of an uncommon thing on the PC side up until now)?
🗪
0:18AndrewJDR Can you explain how this Intel SGX thing allows for "unbreakable DRM" for applications (kind of an uncommon thing on the PC side up until now)?
🗪
0:18AndrewJDR Can you explain how this Intel SGX thing allows for "unbreakable DRM" for applications (kind of an uncommon thing on the PC side up until now)?
🗪
1:55Blackboard: The current state of DRM
1:55Blackboard: The current state of DRM
1:55Blackboard: The current state of DRM
7:51Blackboard: Baking the key, e.g. RSA private key, into the CPU
7:51Blackboard: Baking the key, e.g. RSA private key, into the CPU
7:51Blackboard: Baking the key, e.g. RSA private key, into the CPU
15:13andsz_ You could just give them another public key that you have the private key for [see Resources]
🗪
15:13andsz_ You could just give them another public key that you have the private key for [see Resources]
🗪
15:13andsz_ You could just give them another public key that you have the private key for [see Resources]
🗪
18:42Attestation [see Resources]
18:42Attestation [see Resources]
18:42Attestation [see Resources]
21:03bastheimreth What about the above scenario, but where there is no internet connection? How would one run such software in off-line mode?
🗪
21:03bastheimreth What about the above scenario, but where there is no internet connection? How would one run such software in off-line mode?
🗪
21:03bastheimreth What about the above scenario, but where there is no internet connection? How would one run such software in off-line mode?
🗪
21:54Pseudonym73 So the NSA doesn't have to crack it. They just have to rubber-hose Intel
🗪
21:54Pseudonym73 So the NSA doesn't have to crack it. They just have to rubber-hose Intel
🗪
21:54Pseudonym73 So the NSA doesn't have to crack it. They just have to rubber-hose Intel
🗪
22:36Stevoid1990 Can't this be broken using emulation?
🗪
22:36Stevoid1990 Can't this be broken using emulation?
🗪
22:36Stevoid1990 Can't this be broken using emulation?
🗪
22:48Blackboard: SGX, step-by-step
22:48Blackboard: SGX, step-by-step
22:48Blackboard: SGX, step-by-step
26:14macielda Can't they just figure out Intel Key Generator and make a Key Generator for it?
🗪
26:14macielda Can't they just figure out Intel Key Generator and make a Key Generator for it?
🗪
26:14macielda Can't they just figure out Intel Key Generator and make a Key Generator for it?
🗪
27:18Stevoid1990 So even if the emulation contained a valid key from a registered copy it couldn't be cracked?
🗪
27:18Stevoid1990 So even if the emulation contained a valid key from a registered copy it couldn't be cracked?
🗪
27:18Stevoid1990 So even if the emulation contained a valid key from a registered copy it couldn't be cracked?
🗪
28:33AndrewJDR I assume this breaks certain features of the windows API since the memory is protected? Global hook DLLs for example?
🗪
28:33AndrewJDR I assume this breaks certain features of the windows API since the memory is protected? Global hook DLLs for example?
🗪
28:33AndrewJDR I assume this breaks certain features of the windows API since the memory is protected? Global hook DLLs for example?
🗪
29:38ejunkie64 What if the CPU fails or you want to upgrade?
🗪
29:38ejunkie64 What if the CPU fails or you want to upgrade?
🗪
29:38ejunkie64 What if the CPU fails or you want to upgrade?
🗪
30:02Longboolean Would Intel create a different key for each manufactured CPU or is there only ever one key?
🗪
30:02Longboolean Would Intel create a different key for each manufactured CPU or is there only ever one key?
🗪
30:02Longboolean Would Intel create a different key for each manufactured CPU or is there only ever one key?
🗪
30:42CrackedOrb But this means you lose control of your own system since only Intel can perform actions
🗪
30:42CrackedOrb But this means you lose control of your own system since only Intel can perform actions
🗪
30:42CrackedOrb But this means you lose control of your own system since only Intel can perform actions
🗪
31:18ezioauditorerevs How susceptible is the locking of portions of memory / CPU cores to malicious encryption programs that simply want to screw your computer over?
🗪
31:18ezioauditorerevs How susceptible is the locking of portions of memory / CPU cores to malicious encryption programs that simply want to screw your computer over?
🗪
31:18ezioauditorerevs How susceptible is the locking of portions of memory / CPU cores to malicious encryption programs that simply want to screw your computer over?
🗪
32:13ratchetfreak But if the game is sloppy and ends up allowing arbitrary user code execution, then the code can be leaked
🗪
32:13ratchetfreak But if the game is sloppy and ends up allowing arbitrary user code execution, then the code can be leaked
🗪
32:13ratchetfreak But if the game is sloppy and ends up allowing arbitrary user code execution, then the code can be leaked
🗪
32:43pragmascrypt If anyone ever leaks Intel's private key, SGX on all those CPUs would be exploitable?
🗪
32:43pragmascrypt If anyone ever leaks Intel's private key, SGX on all those CPUs would be exploitable?
🗪
32:43pragmascrypt If anyone ever leaks Intel's private key, SGX on all those CPUs would be exploitable?
🗪
33:44Popcorn0x90 Why don't they use this system for banks, something that's worth protecting?
🗪
33:44Popcorn0x90 Why don't they use this system for banks, something that's worth protecting?
🗪
33:44Popcorn0x90 Why don't they use this system for banks, something that's worth protecting?
🗪
34:12quartertron Can you think of awesome usages for this? Like an opt-in anti-cheat thing, so the server would know everyone on it had no aim bots or whatever
🗪
34:12quartertron Can you think of awesome usages for this? Like an opt-in anti-cheat thing, so the server would know everyone on it had no aim bots or whatever
🗪
34:12quartertron Can you think of awesome usages for this? Like an opt-in anti-cheat thing, so the server would know everyone on it had no aim bots or whatever
🗪
36:39Rfh666 Will this constant decryption used while running a game have an effect on performance?
🗪
36:39Rfh666 Will this constant decryption used while running a game have an effect on performance?
🗪
36:39Rfh666 Will this constant decryption used while running a game have an effect on performance?
🗪
37:02Robrobby Once a key pair is known, everybody could use it and encrypt the game with it through Valve, leaving Valve at encrypt everything with the same key (CPU) for different users. Well fail on the way very fast
🗪
37:02Robrobby Once a key pair is known, everybody could use it and encrypt the game with it through Valve, leaving Valve at encrypt everything with the same key (CPU) for different users. Well fail on the way very fast
🗪
37:02Robrobby Once a key pair is known, everybody could use it and encrypt the game with it through Valve, leaving Valve at encrypt everything with the same key (CPU) for different users. Well fail on the way very fast
🗪
39:13cubercaleb Redownloading games sounds bad for SSDs
🗪
39:13cubercaleb Redownloading games sounds bad for SSDs
🗪
39:13cubercaleb Redownloading games sounds bad for SSDs
🗪
39:37macielda Isn't it expensive for Intel to print a different circuit for each CPU?
🗪
39:37macielda Isn't it expensive for Intel to print a different circuit for each CPU?
🗪
39:37macielda Isn't it expensive for Intel to print a different circuit for each CPU?
🗪
39:49Pseudonym73 Does SGX sound like a great place for a rootkit to hide or what?
🗪
39:49Pseudonym73 Does SGX sound like a great place for a rootkit to hide or what?
🗪
39:49Pseudonym73 Does SGX sound like a great place for a rootkit to hide or what?
🗪
40:15ratchetfreak Doesn't that also prevent JIT'ing?
🗪
40:15ratchetfreak Doesn't that also prevent JIT'ing?
🗪
40:15ratchetfreak Doesn't that also prevent JIT'ing?
🗪
41:20macielda Isn't it expensive for Intel to print a different circuit for each CPU and maintain a queryable database for each client 24/7 considering its Key was generated using a quantum measurement of some kind and stuff?
🗪
41:20macielda Isn't it expensive for Intel to print a different circuit for each CPU and maintain a queryable database for each client 24/7 considering its Key was generated using a quantum measurement of some kind and stuff?
🗪
41:20macielda Isn't it expensive for Intel to print a different circuit for each CPU and maintain a queryable database for each client 24/7 considering its Key was generated using a quantum measurement of some kind and stuff?
🗪
43:08AndrewJDR Have you heard any word on whether AMD will be implementing this?
🗪
43:08AndrewJDR Have you heard any word on whether AMD will be implementing this?
🗪
43:08AndrewJDR Have you heard any word on whether AMD will be implementing this?
🗪
43:16cubercaleb Isn't DRM good if you want to prevent people from freely redistributing your software?
🗪
43:16cubercaleb Isn't DRM good if you want to prevent people from freely redistributing your software?
🗪
43:16cubercaleb Isn't DRM good if you want to prevent people from freely redistributing your software?
🗪
45:37Robrobby How you draw the future of restricted hardware I should start not buying hardware like this, right?
🗪
45:37Robrobby How you draw the future of restricted hardware I should start not buying hardware like this, right?
🗪
45:37Robrobby How you draw the future of restricted hardware I should start not buying hardware like this, right?
🗪
46:19Stevoid1990 I imagine this would be great to use for hardware banning from games?
🗪
46:19Stevoid1990 I imagine this would be great to use for hardware banning from games?
🗪
46:19Stevoid1990 I imagine this would be great to use for hardware banning from games?
🗪
47:12Rawdge Let's say a revoke certificate is issued for a compromised CPU, and Valve et al no longer issue new software, why would your system be 'bricked?' Since you already have an encrypted version of the software on your HD, how could they still prevent you from running that software that's already installed?
🗪
47:12Rawdge Let's say a revoke certificate is issued for a compromised CPU, and Valve et al no longer issue new software, why would your system be 'bricked?' Since you already have an encrypted version of the software on your HD, how could they still prevent you from running that software that's already installed?
🗪
47:12Rawdge Let's say a revoke certificate is issued for a compromised CPU, and Valve et al no longer issue new software, why would your system be 'bricked?' Since you already have an encrypted version of the software on your HD, how could they still prevent you from running that software that's already installed?
🗪
48:04Gobfather Since the key is on the CPU, couldn't you just buy a new CPU if the key gets blacklisted instead of a whole new computer?
🗪
48:04Gobfather Since the key is on the CPU, couldn't you just buy a new CPU if the key gets blacklisted instead of a whole new computer?
🗪
48:04Gobfather Since the key is on the CPU, couldn't you just buy a new CPU if the key gets blacklisted instead of a whole new computer?
🗪
48:32mmv94 Won't that generate a huge market for computers that have been blacklisted?
🗪
48:32mmv94 Won't that generate a huge market for computers that have been blacklisted?
🗪
48:32mmv94 Won't that generate a huge market for computers that have been blacklisted?
🗪
49:01macielda It feels like it is just a matter of time until someone somewhere breaks this scheme and it is just a massive waste of time and resources for everyone. Am I right?
🗪
49:01macielda It feels like it is just a matter of time until someone somewhere breaks this scheme and it is just a massive waste of time and resources for everyone. Am I right?
🗪
49:01macielda It feels like it is just a matter of time until someone somewhere breaks this scheme and it is just a massive waste of time and resources for everyone. Am I right?
🗪
49:42ezioauditorerevs Isn't it DRM that is the primary driving force for piracy in the first place?
🗪
49:42ezioauditorerevs Isn't it DRM that is the primary driving force for piracy in the first place?
🗪
49:42ezioauditorerevs Isn't it DRM that is the primary driving force for piracy in the first place?
🗪
50:09cubercaleb I think it is a bigger deal for companies like Adobe and Autodesk, both of which have software with insanely high piracy rates
🗪
50:09cubercaleb I think it is a bigger deal for companies like Adobe and Autodesk, both of which have software with insanely high piracy rates
🗪
50:09cubercaleb I think it is a bigger deal for companies like Adobe and Autodesk, both of which have software with insanely high piracy rates
🗪
50:20mmv94 When big companies start locking out people from using their software, they (the people) will start looking for software from smaller companies that won't use this technology
🗪
50:20mmv94 When big companies start locking out people from using their software, they (the people) will start looking for software from smaller companies that won't use this technology
🗪
50:20mmv94 When big companies start locking out people from using their software, they (the people) will start looking for software from smaller companies that won't use this technology
🗪
51:39Hayai Do you think that there's a chance that the smallish trend of DRM-free games will counteract this SGX stuff in any significant way?
🗪
51:39Hayai Do you think that there's a chance that the smallish trend of DRM-free games will counteract this SGX stuff in any significant way?
🗪
51:39Hayai Do you think that there's a chance that the smallish trend of DRM-free games will counteract this SGX stuff in any significant way?
🗪
53:09Robrobby Sad the entry costs in fab productions are so high, else I would find a Kickstarter soon to some fantastic "user-owned CPU architecture"
🗪
53:09Robrobby Sad the entry costs in fab productions are so high, else I would find a Kickstarter soon to some fantastic "user-owned CPU architecture"
🗪
53:09Robrobby Sad the entry costs in fab productions are so high, else I would find a Kickstarter soon to some fantastic "user-owned CPU architecture"
🗪
53:39ezioauditorerevs Could this be taken a step further if they start putting the key on the motherboard instead of the CPU? That's less replaceable, isn't it?
🗪
53:39ezioauditorerevs Could this be taken a step further if they start putting the key on the motherboard instead of the CPU? That's less replaceable, isn't it?
🗪
53:39ezioauditorerevs Could this be taken a step further if they start putting the key on the motherboard instead of the CPU? That's less replaceable, isn't it?
🗪
54:15AndrewJDR So apparently QEMU (a VM hypervisor) has support for emulating SGX. How is this useful?
🗪
54:15AndrewJDR So apparently QEMU (a VM hypervisor) has support for emulating SGX. How is this useful?
🗪
54:15AndrewJDR So apparently QEMU (a VM hypervisor) has support for emulating SGX. How is this useful?
🗪
55:32SoysauceTheKid For businesses wouldn't this tech be good for the consumer? I would feel more comfortable if my bank had my data encrypted as tight as possible
🗪
55:32SoysauceTheKid For businesses wouldn't this tech be good for the consumer? I would feel more comfortable if my bank had my data encrypted as tight as possible
🗪
55:32SoysauceTheKid For businesses wouldn't this tech be good for the consumer? I would feel more comfortable if my bank had my data encrypted as tight as possible
🗪
56:55cubercaleb Has RAD ever had problems with people pirating their software or people releasing the source code?
🗪
56:55cubercaleb Has RAD ever had problems with people pirating their software or people releasing the source code?
🗪
56:55cubercaleb Has RAD ever had problems with people pirating their software or people releasing the source code?
🗪
57:09macielda Could encrypting each (16GB?) game download using your SGX key be a prohibitive cost for a company like Valve? How likely would it be for Valve to refuse doing such a thing?
🗪
57:09macielda Could encrypting each (16GB?) game download using your SGX key be a prohibitive cost for a company like Valve? How likely would it be for Valve to refuse doing such a thing?
🗪
57:09macielda Could encrypting each (16GB?) game download using your SGX key be a prohibitive cost for a company like Valve? How likely would it be for Valve to refuse doing such a thing?
🗪
58:39Robrobby I am less afraid of prize control with DRM strong as this one. I am more afraid that the OS of the future will block software that hasn't been signed. That is scary!
🗪
58:39Robrobby I am less afraid of prize control with DRM strong as this one. I am more afraid that the OS of the future will block software that hasn't been signed. That is scary!
🗪
58:39Robrobby I am less afraid of prize control with DRM strong as this one. I am more afraid that the OS of the future will block software that hasn't been signed. That is scary!
🗪
59:14Avalier Would the entire time [game] need to be encrypted or just the executable part
🗪
59:14Avalier Would the entire time [game] need to be encrypted or just the executable part
🗪
59:14Avalier Would the entire time [game] need to be encrypted or just the executable part
🗪
1:00:00Gobfather Since Valve made a big push for Linux, I'm willing to bet that they wont jump on the SGX train since it is a possible limiter to consumers
🗪
1:00:00Gobfather Since Valve made a big push for Linux, I'm willing to bet that they wont jump on the SGX train since it is a possible limiter to consumers
🗪
1:00:00Gobfather Since Valve made a big push for Linux, I'm willing to bet that they wont jump on the SGX train since it is a possible limiter to consumers
🗪
1:00:17cubercaleb What is code signing anyway?
🗪
1:00:17cubercaleb What is code signing anyway?
🗪
1:00:17cubercaleb What is code signing anyway?
🗪
1:00:43Blackboard: Public Key Encryption
1:00:43Blackboard: Public Key Encryption
1:00:43Blackboard: Public Key Encryption
1:03:53macielda Casey, would you consider prioritizing developing for OSes which refuse to use SGX?
🗪
1:03:53macielda Casey, would you consider prioritizing developing for OSes which refuse to use SGX?
🗪
1:03:53macielda Casey, would you consider prioritizing developing for OSes which refuse to use SGX?
🗪
1:04:09Stevoid1990 You should do more streams about this kind of stuff, it's really interesting
🗪
1:04:09Stevoid1990 You should do more streams about this kind of stuff, it's really interesting
🗪
1:04:09Stevoid1990 You should do more streams about this kind of stuff, it's really interesting
🗪
1:04:18Robrobby DRM like this is sad. Can you please choose a happier topic for the next chat?
🗪
1:04:18Robrobby DRM like this is sad. Can you please choose a happier topic for the next chat?
🗪
1:04:18Robrobby DRM like this is sad. Can you please choose a happier topic for the next chat?
🗪
1:04:29Wrap things up
1:04:29Wrap things up
1:04:29Wrap things up

Want to support this annotated episode guide?

Miblo is presently its sole maintainer, annotating live.