For TDX, Intel’s inhouse hackers conducted their own audits, and the company also put TDX through its security paces by inviting researchers to vet the hardware as part of Intel’s bug bounty program.
Anil Rao, Intel’s vice president and general manager of systems architecture and engineering, says the opportunity for Intel and Google engineers to work as a team was particularly fruitful.
The research that we’re doing will help everybody because Intel Trusted Domain Extension technology is going to be used not only in Google, but everywhere else as well.
Researchers and hackers can always work on attacking hardware and online systems from the outsideand these exercises are valuable because they simulate the conditions under which attackers would typically be looking for weaknesses to exploit.
But collaborations like the one between Google Cloud and Intel have the advantage of allowing outside researchers to conduct black box testing and then collaborate with engineers who have deep knowledge about how a product is designed to potentially uncover even more about how a product could be better secured.
After years of scrambling to remediate the security fallout from design flaws in the processor feature known as speculative execution, chipmakers have invested more in advanced security testing.