Yup. I'm amazed too.
On the one hand I wish the signing keys are found/"figured out" one day; that means I can look at the OS myself, which would be cool.
But on the other hand, that gives rise to "3 CPUs for your rootkits!" (there are 3 486 cores) intrusions that would be unsettlingly hideable.
I'm torn about which way to go. Personally I actually wish the signing keys (or a circumvention) was in wide circulation - it means I have to be hyper-aware about my system state and what's running on it, but the chances are, if I can modify the code running on the 486 cores, I can run my own code on them that interacts with the rest of my system in detectable ways I can define myself (eg, writing a tiny string to a known part of memory immediately causes it to be changed (eg, hashed) to something else according to an algorithm) so I know the 486 cores are busy running my code (and hopefully only my code). Shard, fragment, encrypt, obfuscate, etc that logic a few degrees, and you should have a good canary.
And then I get to say _I'm_ using (in the sense that I own) all 11 cores, 19 cores, 27 cores, etc in my Intel CPU.
FWIW, it does seem that the keys are floating around out there: https://news.ycombinator.com/item?id=14189982 (i336_ was my previous account before I accidentally locked it)
