VMware, AMD, Samsung and RISC-V push for confidential computing standards VMware has joined AMD, Samsung, and members of the RISC-V community to work on an open and cross-platform framework for the development and operation of applications using confidential computing hardware. Revealing the effort at the Confidential Computing Summit 2023 in San Francisco, the companies say they aim to bring about …
But how could companies collaborate in a "multi-party computation and analytics" project?
They would have to come up with some way of copying each others' datasets onto all those machines. Maybe invent some kind of "mobile storage medium" that exists outside of the datacentre?
You know, that is a crazy idea, but it might just be crazy enough to work!
《owning the machine it is running on
Apart from the gentlemen from the slightly more dodgy parts of the world kindly administering (pwning) your servers, Intel's management engine (ME), DELL iDRACs, iLO, iKVM and their ilk leaves me wondering who does actually own my servers.
Coincidentally I was wondering last night, whether signing system calls and verifying the return values would make much sense. Comes down to "what is trusted"- here the kernel, "what is doing the trusting (and why)" - here some process, and what are the attacks that might be thwarted?
A typical bit of skulduggery, I have occasionally engaged in, has been to intercept syscalls retrieving the hosts mac address and redact it to something, er.., more convenient. Signing syscalls could hinder such shenanigans but I suspect it ultimately would reduce to a spy.v.spy cycle of measure and counter-measure.
Without formal models and formal verification I wouldn't think any enclave technology would be worth a rat's or tinker's.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
