Paradoxically, open source security chips are harder to certify because the certification standards such as Common Criteria evaluates closed-source flaws as “more secure” than open-source flaws. My understanding is that the argument goes something along the lines of, “hacking chips is hard, so any barrier you can add to the up-front cost of exploiting the chip increases the effective security of the chip overall”. Basically, if the pen tester doing a security evaluation judges that a bug is easier to find and exploit if the source code is public, then, sharing the source code lowers your score. As a result, the certification scores of open source chips are likely much worse than that of a closed source chip. And, since you can’t sell security chips to big customers without certifications, security chips end up being mostly closed source.
Раскрыты подробности о договорных матчах в российском футболе18:01
。关于这个话题,使用 WeChat 網頁版提供了深入分析
На Украине захотели заблокировать все соцсети и назвали их абсолютным злом20:42
Global oil prices surged past the $100 (£74, AU$142) a barrel mark for the first time since 2022 as escalating military aggression in the Middle East continues to wipe 20m barrels of oil from the market each day.
arstechnica.com