There are two kinds of risks: A malicious TEE manufacturer could attest fake devices, introduce backdoors, or suddenly refuse to remotely attest genuine devices design flaws (Intel SGX: Foreshadow, Plundervolt, SGAxe)Various vulnerabilities have been found by white hat hackers and fixed by Intel by means of microcode patches. Integritee requires regular refreshing of remote attestation (around every 24h) to verify that the most recent patches have been applied. As always in cybersecurity: It’s a race against time. TEEs just add another layer of security on top of state-of-the-art protection measures.
