Announcement

Collapse
No announcement yet.

Intel Announces "Project Amber" For Verifying The Trustworthiness Of Clouds

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intel Announces "Project Amber" For Verifying The Trustworthiness Of Clouds

    Phoronix: Intel Announces "Project Amber" For Verifying The Trustworthiness Of Clouds

    Following yesterday's Intel Vision 2022 announcements there is a bit more news today. In particular, Intel is announcing Project Amber...

    https://www.phoronix.com/scan.php?pa...-Project-Amber

  • #2
    So... is this going to be a platform that just goes "you don't have Intel's management extensions, you're not secure"?

    Comment


    • #3
      Not sure what Intel is doing here, but it's a good enough reason to play some old school Amber by 311: https://piped.kavin.rocks/watch?v=7D5xEqeNCmg

      Maybe Nick Hexum and the gang can make some cash off of Intel like the Rolling Stones did for years off of Microsoft.

      Comment


      • #4
        "There is no cloud. Is just somebody else computer..."
        <---->

        Comment


        • #5


          at least 5 characters

          Comment


          • #6
            Originally posted by [email protected] View Post

            "There is no cloud. Is just somebody else computer..."


            <---->
            To all the hackers out there:

            Comment


            • #7
              Sounds like a marketing tool to me. What will the output be? "We've detected your instance doesn't support all of Intel's Xeon Scalable extensions because you're running AMD, ARM, or the previous generation Xeon. Ask your cloud provider to upgrade because those platforms are literally poison!"

              Comment


              • #8
                Michael

                Was that photo taken between 550 to 665 nm IR? It has that look.

                Comment


                • #9
                  from the blurb it's going to be:

                  return (cpu_has_latest_intel_extensions());

                  instead of the more realistic:

                  return false;

                  Comment


                  • #10
                    You can't trust cloud computing. If they provide encryption, are the keys only in your hands or are they provided by, or stored with the hosting company? You can say "but if they provide the source code..." but you can't always tell if they're lying and just using some other code to compile on their own servers. You could say "but a third-party code auditor..." -- same deal. If they had a third-party auditor that is allowed to disassemble the code (very unlikely already), well that'd be something. But they won't be able to completely disassemble every instruction into lines of understandable higher-level API code within a moderate amount of time (very VERY unlikely). Companies can be bought off anyway, or they can be provided with fake code or systems to audit. And then who's to say that the NSA, CIA, or other surveillance or hacker network isn't just looking for security exploits or brute-forcing it in realtime while your data is just sitting there? The only computing system you can trust is the one YOU own and control, with encryption keys that ONLY YOU have, with the recommendation that they be air-gapped, since anything connected to a network is up for grabs.

                    Comment

                    Working...
                    X