I guess you're unaware that Intel TEE does not provide physical protection. Literally out of scope, at least per runZero CEO (which I didn't verify). But anyway, in scope or not, it doesn't succeed at it.

And I mean I get it. As a not-hardware-manufacturer, they have to have a root of trust they build upon. I gather that no one undertakes something like this without very, very, very high competence and that their part of the stack _is_ secure. But it's built on sand.

I mean it's fine. Everything around us is built that way. Who among us uses a Raptor Talus II and has x-ray'd the PCB? The difference is they are making an overly strong claim.

It doesn’t matter either way. Intel is an American company as well, and thus unsuitable as a trust root.

A company of what country would you prefer?

Everyone likes to dunk on the US, but I doubt you could provide a single example of a country that is certainly a better alternative (to be clear I believe many of the west up in the same boat).

A European one. Pulling the kind of tricks the NSA does is considerably harder if you don’t have a secret court with secret orders.

You might want to look into what GCHQ, DGSE, and BND (as examples) actually do. Europe is not some surveillance-free zone.

> Intel is an American company

Literally.

If you’re moving the goalposts from tech implementation to political vibes, it’s just more post-fact nabobism.

"SSL added and removed here :-)"

It’s not about vibes, but clear proof of a strategy to undermine global information security. Is anyone suppose to believe they don’t do that anymore?