News: 0178695170

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

VP.NET Publishes SGX Enclave Code: Zero-Trust Privacy You Can Actually Verify

(Friday August 15, 2025 @05:21PM (Slashdot Staff) from the dont-trust-verify dept.)


[1]VP.NET has released the source code for its Intel SGX enclave on [2]GitHub , allowing anyone to build the enclave and verify its mrenclave hash matches what's running on the servers. This takes "don't trust, verify" from marketing to reality, making privacy claims testable all the way down to hardware-enforced execution.

A move like this could set a new benchmark for transparency in privacy tech.



[1] https://vp.net/

[2] https://github.com/vpdotnet/vpnetd-sgx


Slashdot, oh slashdot (Score:2, Interesting)

by Anonymous Coward

The worst slashvertisement I've seen in a while - specifically for a product none of us want, running on vendor specific hardware extensions that are questionable at best, making grandiose claims, with a language most of us dislike.

https://en.wikipedia.org/wiki/Software_Guard_Extensions#SGX_malware_arguments

Oy (Score:2)

by cascadingstylesheet ( 140919 )

Just put them in the huge banner ad at the top, eh. We'll give them the attention they are due ...

Not great. (Score:2)

by Gravis Zero ( 934156 )

Honestly, I don't trust Intel CPUs for a second. All they are telling me with this is that they are heavily invested in bad hardware that they may or may not be running the mitigations for. If they are then it makes little sense and if they aren't then you are vulnerable. I mean, [1]even SGX is insecure which is why it's deprecated. [bleepingcomputer.com]

I would trust them a lot more if they weren't using Intel CPUs.

[1] https://www.bleepingcomputer.com/news/security/new-intel-chips-wont-play-blu-ray-disks-due-to-sgx-deprecation/

Re: Not great. (Score:2)

by drinkypoo ( 153816 )

AMD CPUs have a processor inside of the processor as well, in everything after the FX line. You certainly shouldn't trust Intel, but who can you trust?

as seen in (Score:2)

by awwshit ( 6214476 )

> they talk about us.... slashdot

No we don't talk about this, these guys paid slashdot to put slashdot's logo on their site.

Funny, the summary doesn't even say that it is a VPN service.

What are you doing that you need a VPN and need to (somehow) verify that the VPN is not snooping on you?

Looks like this is the target market:

[1]https://vp.net/img/graphic-dog... [vp.net]

[1] https://vp.net/img/graphic-doge_320x320.7f1bdfdd.webp

or the worst mistake in the history of Intel (Score:2)

by usedtobestine ( 7476084 )

If there are any bugs rated at a cvss of 10 in that code, every Intel based server on the internet is going to die a spectacular death.

The Beatles:
Paul McCartney's old back-up band.