back to article A match made in SEV-en: Google touts Confidential VMs using AMD's Epyc on-the-fly memory encryption

Google Cloud will today announce the availability, as a beta, so-called Confidential Virtual Machines that feature on-the-fly RAM encryption using per-VM keys. These Confidential VMs, detailed here, will be launched to coincide with the nine-week Google Cloud Next conference that starts today. The virtual machines will be …

  1. don't you hate it when you lose your account


    Google trying to protect users data. As rare as trump wearing a mask!

  2. whitepines

    The PSP is AMD-controlled (signed), closed source, and has access to everything on the system. Even the owner of the machine cannot alter it or replace it because of the AMD signing key.

    Why exactly should I trust this not so little bit of proprietary software, especially in changing legal frameworks mandating backdoors? Remember, AMD doesn't even have enough confidence in their own code to make it a burned-in, non-updateable ROM!

    1. whitepines

      AMD fanboy downvoters: what exactly is it that makes you trust AMD so implicitly here? Why not trust Intel the same way?

    2. Robert Carnegie Silver badge

      If it was non-updateable then I expect they wouldn't have been able to update it.

  3. ratfox
    Paris Hilton

    I would have thought that if you are willing to let your code run on somebody's cloud, you are fine with the basic promise that only your program can read your data (at least, I'm assuming that Google is promising this with or without this encryption). Ultimately, you have to trust Google are not lying to you and that they know what they are doing, because I don't see how you can get proof that your program is really running on the encrypted machine and not any old random server.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like