Prevent cold boot attacks using TRESOR

TreVisor and TRESOR are some of the most amazing things going on. Combine that with QUBES out of Invisible Things, and you could conceivably trust a computer built of untrustworthy hardware operated by your worst adversary, as long as you trust a tiny subset of it -- potentially just the Intel CPU.<p>The nice thing about trusting just a latest-edition Intel CPU is that they're so far ahead of everyone else in process that most attacks would be technically difficult for anyone except Intel, NSA, etc. Chris Tarnovsky isn't going to be able to extract keys out of Intel E5 CPUs in 6 hours with even a 10x bigger than $1.5mm lab, so as long as you deal with a machine which disappears faster than 6h (rotating keys, releasing the hounds, etc.), you should be safe.<p>One of the few things (along with the takeover of mobile OSes vs. legacy crappy desktop OSes) which makes me hopeful for security.

Sounds interesting. Very clever thinking.<p>Just hope it doesn't get turned on its head for some yet-another layer of DRM that stops us from accessing our own content.<p>I guess (or hope) that seeding the key into the CPU in the first place is what's going to make it hard for content owners to use for DRM?