Announcement

Collapse
No announcement yet.

Intel Announces "Project Amber" For Verifying The Trustworthiness Of Clouds

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • edwaleni
    replied
    I wonder if someone at Intel is making a bit of an inside joke.

    With the ongoing defamation trial between Johnny Depp and Amber Heard, one of the issues the plaintiffs attorneys have made is on the "trustworthiness" of Miss Heard.

    So now we have a project on "trust" named "Project Amber".

    Coincidence?

    Leave a comment:


  • Anux
    replied
    They need a fancy project to tell people that cloud is not trustworthy? Could've just asked me.
    Here in Germany there is a saying "Ist es in der Cloud, wird es bald geklaut." (if its in the cloud, it will soon get stolen) and "klaut" sounding exactly like cloud in german.

    Leave a comment:


  • Smurphy
    replied
    Or I do it as before - selfhost all services @ home, and show the middle finger to all these marketing types/hypes out there.
    Biggest issue really being companies to completely monitor employees computers now (you stick in a USB drive and Security Team + Your admin get an e-mail notification). They keep the right to enable the microphone/camera at any time, and you are not allowed to install any software. Soon you will be able to connect only to these services "approved" by google/apple/whatever - of course, the subscription fees will be horrendous again ;D

    Am I the last Mohican in the company I work at to use Linux on his laptop? I guess I am. Don't know how long they will let me do that (doing it for 15 years already).

    Leave a comment:


  • Developer12
    replied
    SGX? The thing researchers keep punching new holes in every couple of months?

    We just got an article noting how hosts can fuck with VM crypto using replay attacks, where not enough entropy is available to prevent the random number generator state from being the same. The best mitigation we have is for the host to politely inform the VM that's it's been restarted.

    The idea that you can somehow not trust servers that are not in your physical possession is insane. Buy an Oxide rack, move on-prem if you care so much.

    Leave a comment:


  • slalomsk8er
    replied
    Right now is maybe not the best of times to try to market trust with the name Amber.

    Leave a comment:


  • Waethorn
    replied
    Was Intel TXT discontinued? Why is it that newer systems are defaulting to having it off, and some people (manufacturers among others) are recommending it be disabled? Just another hack?

    Leave a comment:


  • Waethorn
    replied
    You can't trust cloud computing. If they provide encryption, are the keys only in your hands or are they provided by, or stored with the hosting company? You can say "but if they provide the source code..." but you can't always tell if they're lying and just using some other code to compile on their own servers. You could say "but a third-party code auditor..." -- same deal. If they had a third-party auditor that is allowed to disassemble the code (very unlikely already), well that'd be something. But they won't be able to completely disassemble every instruction into lines of understandable higher-level API code within a moderate amount of time (very VERY unlikely). Companies can be bought off anyway, or they can be provided with fake code or systems to audit. And then who's to say that the NSA, CIA, or other surveillance or hacker network isn't just looking for security exploits or brute-forcing it in realtime while your data is just sitting there? The only computing system you can trust is the one YOU own and control, with encryption keys that ONLY YOU have, with the recommendation that they be air-gapped, since anything connected to a network is up for grabs.

    Leave a comment:


  • mlau
    replied
    from the blurb it's going to be:

    return (cpu_has_latest_intel_extensions());

    instead of the more realistic:

    return false;

    Leave a comment:


  • skeevy420
    replied
    Michael

    Was that photo taken between 550 to 665 nm IR? It has that look.

    Leave a comment:


  • squash
    replied
    Sounds like a marketing tool to me. What will the output be? "We've detected your instance doesn't support all of Intel's Xeon Scalable extensions because you're running AMD, ARM, or the previous generation Xeon. Ask your cloud provider to upgrade because those platforms are literally poison!"

    Leave a comment:

Working...
X