The Open Secret about Confidential Computing
Confidential Computing is an emerging field that aims to protect running workloads (“data in use“) from their environment, thus reducing the Trusted Computing Base (TCB). For VMs, this means that the threat model is updated to not trust the hypervisor. The main push is from the public cloud vendors to enable running more sensitive workloads. In short, the CPU is trusted and creates a clean VM/enclave that can be measured and attested. The attestation can be sent off to a trusted environment that can exchange it for the secrets needed to perform the work.
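The measure-attest-exchange flow described above, reduced to its essential checks, as an added example that is not code from the original post or from any vendor SDK. It simulates the attester (the "CPU" producing a signed report over the workload's measurement and a verifier-supplied nonce) and the relying party that exchanges a valid report for a secret. The platform key, the approved measurement, the image bytes and the use of an HMAC in place of the vendor-certified asymmetric signature are all constructed assumptions to keep the example self-contained and runnable offline.

```python
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the per-platform attestation key (assumption).
# Real hardware signs reports with an asymmetric key chained to a vendor
# root certificate; an HMAC keeps this example dependency-free.
PLATFORM_KEY = b"constructed-platform-attestation-key"


def measure(image_bytes):
    """Launch measurement of a VM/enclave image: here simply SHA-256 of its bytes."""
    return hashlib.sha256(image_bytes).hexdigest()


# The one image the relying party is willing to hand secrets to (constructed).
APPROVED_IMAGE_MEASUREMENT = measure(b"approved-enclave-image-v1")
APPROVED_MEASUREMENTS = {APPROVED_IMAGE_MEASUREMENT}


def make_report(measurement_hex, nonce_hex):
    """Attester side: the 'CPU' signs the measurement together with the verifier's nonce.

    Binding the nonce into the signed body is what makes the report fresh; without
    it an old report for a once-approved image could be replayed indefinitely.
    """
    body = json.dumps(
        {"measurement": measurement_hex, "nonce": nonce_hex}, sort_keys=True
    ).encode()
    tag = hmac.new(PLATFORM_KEY, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "signature": tag}


class RelyingParty:
    """Trusted environment that exchanges a valid attestation report for a secret."""

    def __init__(self, secret):
        self._secret = secret
        self._outstanding = set()  # nonces issued but not yet consumed

    def challenge(self):
        """Issue a fresh nonce the attester must embed in its report."""
        nonce = secrets.token_hex(16)
        self._outstanding.add(nonce)
        return nonce

    def verify_and_release(self, report):
        """Return the secret only if signature, freshness and measurement all check out."""
        body = report["body"].encode()
        expected = hmac.new(PLATFORM_KEY, body, hashlib.sha256).hexdigest()
        # 1. Authenticity: the report must be signed by the platform key.
        if not hmac.compare_digest(expected, report["signature"]):
            return None
        claims = json.loads(body)
        # 2. Freshness: the nonce must be one we issued, and it is single-use.
        nonce = claims.get("nonce")
        if nonce not in self._outstanding:
            return None
        self._outstanding.discard(nonce)
        # 3. Policy: the measured image must be on the approved list.
        if claims.get("measurement") not in APPROVED_MEASUREMENTS:
            return None
        return self._secret


if __name__ == "__main__":
    rp = RelyingParty(b"constructed-database-password")
    nonce = rp.challenge()
    print(rp.verify_and_release(make_report(APPROVED_IMAGE_MEASUREMENT, nonce)))
```

The order of the checks matters: signature first, so nothing inside the body is trusted before its origin is established; nonce second, so a genuine but stale report is rejected; measurement last, because the measurement only means something once the report is known to be authentic and fresh. A production verifier additionally walks the certificate chain to the vendor root and checks firmware/TCB version fields, which this example omits.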
However, some architectural decisions might continue to produce bugs; the Intel and AMD approaches are based on microcode running on the same cores as other workloads, rather than dedicated hardware. AWS uses their proprietary Nitro system, which looks interesting on the surface, but lacks public details and external scrutiny, so it’s hard to compare to the Intel and AMD solutions. Don’t get me wrong: I think reducing the TCB, which is the aim of Confidential Computing, is a great and desirable goal.