Yeah, with the highlight of the top post here rightly pointing out that ideally no part of the chain would rely on non-replaceable/revocable keys.

By their example I would still buy a house with unchangeable locks given absolutely no other choice, but given any sane choice I'd pick the one that doesn't require chucking hardware in the skip whenever the inevitable screw-ups land in our lap.

And as you rightly point out, they ARE inevitable. Either someone will break out the sandpaper and extract the keys, or a manufacturer will screw the pooch and leak them.

As painful as it is for Intel and their shareholders, until this effectively triggers a manufacturer recall nothing will change. Intel was a prime offender during the speculative execution issues revealed in the wake of Spectre et al. Because they were not forced to address the issue of permanently vulnerable systems on their end, it created a new permanent problem in the industry.

If Intel screws up badly enough, you have to buy new server hardware. This generates revenue for them. As a result, they slow-walked hardware fixes for many of these problems, and under-invested in mitigations. They knowingly sold vulnerable hardware for years, including hardware where full mitigations came at a punitive performance cost that erased any performance gains on the new architecture. Now the keys to the kingdom are loose, and unless pressed, even new hardware will still be at risk of the same kind of third-party leak.