Weekly Show 422: Hardware Supply Chains And Trusted Execution
Heavy Networking show

Summary: In October 2018, Bloomberg published an article making unsubstantiated claims about a supply chain breach in servers. The story, which Bloomberg stands by but is widely regarded as wrong, draws attention to a significant issue: our technology infrastructure is undergirded by a global supply chain that could be compromised by malicious actors.

This got me thinking about hardware secure enclaves such as:

* Intel Trusted Execution Technology (Intel TXT)
* Intel Software Guard Extensions (Intel SGX)
* ARM Cryptoisland, which includes features for secure manufacturing, implemented as Cryptocell

Today’s show dives into issues around supply chain security and related technologies. My guests are Greg Shipley, Deputy Director at <a href="https://www.cyberreboot.org/" target="_blank" rel="noopener">Cyber Reboot</a>, an In-Q-Tel Lab; and Justin Wilder, Vice President at In-Q-Tel.

Our conversation aims to:

* Provide a high-level overview of TXT, SGX, etc., and why they matter
* Explore how the market has attempted to implement some of these approaches, what has worked, and what hasn’t
* Examine what trusted execution or similar measures look like in the routing and switching world
* Propose some ideas on how to move the whole thing forward

Sponsor: InterOptic

<a href="https://interoptic.com/" target="_blank" rel="noreferrer noopener">InterOptic</a> offers high-performance, high-quality optics at a fraction of the cost. If you’re not doing optics correctly, you’re going to pay for it upfront (and then later too). Don’t be fooled by lesser optics. The difference between generic third-party and brand-equivalent optics matters. Go to <a href="https://interoptic.com/" target="_blank" rel="noreferrer noopener">InterOptic.com</a> to learn more.

Sponsor: Cumulus Networks

By building innovative data center products with Linux, Cumulus offers unprecedented interoperability, agility and scale, and makes integrating your open source software with your proprietary software seamless and efficient. To learn more about Cumulus’ open source philosophy and contributions, head to <a href="http://cumulusnetworks.com/openpod" target="_blank" rel="noreferrer noopener">cumulusnetworks.com/openpod</a>.

Show Links:

<a href="https://www.intel.com/content/www/us/en/support/articles/000025873/technologies.html" target="_blank" rel="noopener">Intel® Trusted Execution Technology (Intel® TXT) Overview</a> – Intel
<a href="https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html" target="_blank" rel="noopener">Intel® Software Guard Extensions (Intel® SGX)</a> – Intel
<a href="https://www.arm.com/products/silicon-ip-security/cryptoisland" target="_blank" rel="noopener">Cryptoisland Family</a> – ARM
<a href="https://www.cyberreboot.org/" target="_blank" rel="noopener">Cyber Reboot</a>
<a href="https://blog.cyberreboot.org/" target="_blank" rel="noopener">Cyber Reboot blog</a>
<a href="https://twitter.com/_cyberreboot" target="_blank" rel="noopener">Cyber Reboot on Twitter</a>