back to article VMware, AMD, Samsung and RISC-V push for confidential computing standards

VMware has joined AMD, Samsung, and members of the RISC-V community to work on an open and cross-platform framework for the development and operation of applications using confidential computing hardware. Revealing the effort at the Confidential Computing Summit 2023 in San Francisco, the companies say they aim to bring about …

  1. Ken Hagan Gold badge

    Meanwhile, outside of VMware's business model, zillions of people use the simpler and more robust method of "owning the machine it is running on".

    1. b0llchit Silver badge

      Preposterous and old fashioned! Haven't you heard, you are not supposed to thinkcompute yourself. Think of the childrenbig companies' bottom line, please.

    2. that one in the corner Silver badge

      But how could companies collaborate in a "multi-party computation and analytics" project?

      They would have to come up with some way of copying each others' datasets onto all those machines. Maybe invent some kind of "mobile storage medium" that exists outside of the datacentre?

      You know, that is a crazy idea, but it might just be crazy enough to work!

    3. Bebu Silver badge

      More difficult than might be thought?

      《owning the machine it is running on

      Apart from the gentlemen from the slightly more dodgy parts of the world kindly administering (pwning) your servers, Intel's management engine (ME), DELL iDRACs, iLO, iKVM and their ilk leaves me wondering who does actually own my servers.

  2. Anonymous Coward
    Anonymous Coward


    Every secure enclaves strategy will be cracked eventually, and once cracked, that's it until new hardware with the next enclave strategy is released.

  3. Bebu Silver badge

    The whats, whys and hows.

    Coincidentally I was wondering last night, whether signing system calls and verifying the return values would make much sense. Comes down to "what is trusted"- here the kernel, "what is doing the trusting (and why)" - here some process, and what are the attacks that might be thwarted?

    A typical bit of skulduggery, I have occasionally engaged in, has been to intercept syscalls retrieving the hosts mac address and redact it to something, er.., more convenient. Signing syscalls could hinder such shenanigans but I suspect it ultimately would reduce to a spy.v.spy cycle of measure and counter-measure.

    Without formal models and formal verification I wouldn't think any enclave technology would be worth a rat's or tinker's.

  4. bigtreeman

    Pwn the world

    Port that "secure" framework into desktop operating systems and the corporate world has pwned everyone and all their data.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like