home.social

#confidentialcomputing — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #confidentialcomputing, aggregated by home.social.

  1. Paul Meyer @[email protected] ·

    Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
    Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: writings.flashbots.net/mind-th

    #ConfidentialComputing #CloudSecurity #TPM

    #confidentialcomputing #cloudsecurity #tpm
  2. Paul Meyer @[email protected] ·

    Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
    Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: writings.flashbots.net/mind-th

    #ConfidentialComputing #CloudSecurity #TPM

    #confidentialcomputing #cloudsecurity #tpm
  3. Paul Meyer @[email protected] ·

    Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
    Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: writings.flashbots.net/mind-th

    #ConfidentialComputing #CloudSecurity #TPM

    #confidentialcomputing #cloudsecurity #tpm
  4. Paul Meyer @[email protected] ·

    Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
    Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: writings.flashbots.net/mind-th

    #ConfidentialComputing #CloudSecurity #TPM

    #tpm #cloudsecurity #confidentialcomputing
  5. Paul Meyer @[email protected] ·

    Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
    Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: writings.flashbots.net/mind-th

    #ConfidentialComputing #CloudSecurity #TPM

    #confidentialcomputing #cloudsecurity #tpm
  6. Paul Meyer @[email protected] ·

    Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

    Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

    katexochen.aro.bz/posts/reprod

    #ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

    #reproduciblebuilds #remoteattestation #cryptography #confidentialcomputing #infosec
  7. Paul Meyer @[email protected] ·

    Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

    Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

    katexochen.aro.bz/posts/reprod

    #ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

    #reproduciblebuilds #remoteattestation #cryptography #confidentialcomputing #infosec
  8. Paul Meyer @[email protected] ·

    Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

    Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

    katexochen.aro.bz/posts/reprod

    #ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

    #reproduciblebuilds #remoteattestation #cryptography #confidentialcomputing #infosec
  9. Paul Meyer @[email protected] ·

    Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

    Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

    katexochen.aro.bz/posts/reprod

    #ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

    #infosec #confidentialcomputing #cryptography #remoteattestation #reproduciblebuilds
  10. Paul Meyer @[email protected] ·

    Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

    Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

    katexochen.aro.bz/posts/reprod

    #ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

    #reproduciblebuilds #remoteattestation #cryptography #confidentialcomputing #infosec
  11. Michael J Burgess @[email protected] ·

    Ubuntu 26.04 Security Shift

    Ubuntu 26.04 LTS brings TPM-backed disk encryption, confidential computing, safer defaults, and more. Here is what matters most.

    beitmenotyou.online/ubuntu-26-

    #confidentialcomputing #linuxsecurity #openssh102 #privacy #rustcoreutils #selfhosting
  12. Michael J Burgess @[email protected] ·

    Ubuntu 26.04 Security Shift

    Ubuntu 26.04 LTS brings TPM-backed disk encryption, confidential computing, safer defaults, and more. Here is what matters most.

    beitmenotyou.online/ubuntu-26-

    #confidentialcomputing #linuxsecurity #openssh102 #privacy #rustcoreutils #selfhosting
  13. Paul Meyer @[email protected] ·

    Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
    github.com/cloud-hypervisor/cl

    #ConfidentialComputing #virtualization #KVM #CloudHypervisor

    #confidentialcomputing #virtualization #kvm #cloudhypervisor
  14. Paul Meyer @[email protected] ·

    Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
    github.com/cloud-hypervisor/cl

    #ConfidentialComputing #virtualization #KVM #CloudHypervisor

    #confidentialcomputing #virtualization #kvm #cloudhypervisor
  15. Paul Meyer @[email protected] ·

    Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
    github.com/cloud-hypervisor/cl

    #ConfidentialComputing #virtualization #KVM #CloudHypervisor

    #confidentialcomputing #virtualization #kvm #cloudhypervisor
  16. Paul Meyer @[email protected] ·

    Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
    github.com/cloud-hypervisor/cl

    #ConfidentialComputing #virtualization #KVM #CloudHypervisor

    #cloudhypervisor #kvm #virtualization #confidentialcomputing
  17. Paul Meyer @[email protected] ·

    Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
    github.com/cloud-hypervisor/cl

    #ConfidentialComputing #virtualization #KVM #CloudHypervisor

    #confidentialcomputing #virtualization #kvm #cloudhypervisor
  18. Paul Meyer @[email protected] ·

    Fabricked, a new attack on AMD SEV-SNP presented: software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RPM table. The root cause is a missing check in the secure processor firmware to enforce the Data Fabric is locked down.

    fabricked-attack.github.io/

    #ConfidentialComputing #CloudSecurity #AMD

    #confidentialcomputing #cloudsecurity #amd
  19. Paul Meyer @[email protected] ·

    Fabricked, a new attack on AMD SEV-SNP presented: software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RPM table. The root cause is a missing check in the secure processor firmware to enforce the Data Fabric is locked down.

    fabricked-attack.github.io/

    #ConfidentialComputing #CloudSecurity #AMD

    #confidentialcomputing #cloudsecurity #amd
  20. Paul Meyer @[email protected] ·

    Fabricked, a new attack on AMD SEV-SNP presented: software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RPM table. The root cause is a missing check in the secure processor firmware to enforce the Data Fabric is locked down.

    fabricked-attack.github.io/

    #ConfidentialComputing #CloudSecurity #AMD

    #confidentialcomputing #cloudsecurity #amd
  21. Paul Meyer @[email protected] ·

    Fabricked, a new attack on AMD SEV-SNP presented: software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RPM table. The root cause is a missing check in the secure processor firmware to enforce the Data Fabric is locked down.

    fabricked-attack.github.io/

    #ConfidentialComputing #CloudSecurity #AMD

    #amd #cloudsecurity #confidentialcomputing
  22. Paul Meyer @[email protected] ·

    Fabricked, a new attack on AMD SEV-SNP presented: software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RPM table. The root cause is a missing check in the secure processor firmware to enforce the Data Fabric is locked down.

    fabricked-attack.github.io/

    #ConfidentialComputing #CloudSecurity #AMD

    #confidentialcomputing #cloudsecurity #amd
  23. Paul Meyer @[email protected] ·

    RE: infosec.exchange/@trailofbits/

    Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: katexochen.aro.bz/posts/badaml/

    There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

    #ConfidentialComputing #CloudSecurity

    #confidentialcomputing #cloudsecurity
  24. Paul Meyer @[email protected] ·

    RE: infosec.exchange/@trailofbits/

    Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: katexochen.aro.bz/posts/badaml/

    There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

    #ConfidentialComputing #CloudSecurity

    #confidentialcomputing #cloudsecurity
  25. Paul Meyer @[email protected] ·

    RE: infosec.exchange/@trailofbits/

    Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: katexochen.aro.bz/posts/badaml/

    There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

    #ConfidentialComputing #CloudSecurity

    #confidentialcomputing #cloudsecurity
  26. Paul Meyer @[email protected] ·

    RE: infosec.exchange/@trailofbits/

    Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: katexochen.aro.bz/posts/badaml/

    There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

    #ConfidentialComputing #CloudSecurity

    #cloudsecurity #confidentialcomputing
  27. Paul Meyer @[email protected] ·

    RE: infosec.exchange/@trailofbits/

    Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: katexochen.aro.bz/posts/badaml/

    There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

    #ConfidentialComputing #CloudSecurity

    #confidentialcomputing #cloudsecurity
  28. PPC Land @[email protected] ·

    FYI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #Partnership

    #reddit #anonym #dataprivacy #confidentialcomputing #partnership
  29. PPC Land @[email protected] ·

    FYI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #Partnership

    #partnership #confidentialcomputing #dataprivacy #anonym #reddit
  30. PPC Land @[email protected] ·

    FYI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #Partnership

    #reddit #anonym #dataprivacy #confidentialcomputing #partnership
  31. Paul Meyer @[email protected] ·

    RE: abyssdomain.expert/@filippo/11

    Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it

    #ConfidentialComputing #pqc

    #confidentialcomputing #pqc
  32. Paul Meyer @[email protected] ·

    RE: abyssdomain.expert/@filippo/11

    Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it

    #ConfidentialComputing #pqc

    #confidentialcomputing #pqc
  33. Paul Meyer @[email protected] ·

    RE: abyssdomain.expert/@filippo/11

    Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it

    #ConfidentialComputing #pqc

    #confidentialcomputing #pqc
  34. Paul Meyer @[email protected] ·

    RE: abyssdomain.expert/@filippo/11

    Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it

    #ConfidentialComputing #pqc

    #pqc #confidentialcomputing
  35. Paul Meyer @[email protected] ·

    RE: abyssdomain.expert/@filippo/11

    Trusted Execution Environments (TEEs) like Intel SGX and AMD SEV-SNP and in general hardware attestation are just f***d. All their keys and roots are not PQ and I heard of no progress in rolling out PQ ones, which at hardware speeds means we are forced to accept they might not make it

    #ConfidentialComputing #pqc

    #confidentialcomputing #pqc
  36. PPC Land @[email protected] ·

    ICYMI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #PrivacyFirst

    #reddit #anonym #dataprivacy #confidentialcomputing #privacyfirst
  37. PPC Land @[email protected] ·

    ICYMI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #PrivacyFirst

    #privacyfirst #confidentialcomputing #dataprivacy #anonym #reddit
  38. PPC Land @[email protected] ·

    ICYMI: Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Anonym #DataPrivacy #ConfidentialComputing #PrivacyFirst

    #reddit #anonym #dataprivacy #confidentialcomputing #privacyfirst
  39. PPC Land @[email protected] ·

    Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Privacy #DataProtection #Anonym #ConfidentialComputing

    #reddit #privacy #dataprotection #anonym #confidentialcomputing
  40. PPC Land @[email protected] ·

    Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Privacy #DataProtection #Anonym #ConfidentialComputing

    #reddit #privacy #dataprotection #anonym #confidentialcomputing
  41. PPC Land @[email protected] ·

    Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Privacy #DataProtection #Anonym #ConfidentialComputing

    #confidentialcomputing #anonym #dataprotection #privacy #reddit
  42. PPC Land @[email protected] ·

    Reddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. ppc.land/reddit-and-anonyms-da #Reddit #Privacy #DataProtection #Anonym #ConfidentialComputing

    #reddit #privacy #dataprotection #anonym #confidentialcomputing
  43. Paul Meyer @[email protected] ·

    Recordings of OC3 2026 (Open Confidential Computing Conference) are now available:
    youtube.com/playlist?list=PLEh

    #ConfidentialComputing #Cloud #CloudSecurity #AI

    #confidentialcomputing #cloud #cloudsecurity #ai
  44. Paul Meyer @[email protected] ·

    Recordings of OC3 2026 (Open Confidential Computing Conference) are now available:
    youtube.com/playlist?list=PLEh

    #ConfidentialComputing #Cloud #CloudSecurity #AI

    #confidentialcomputing #cloud #cloudsecurity #ai
  45. Paul Meyer @[email protected] ·

    Recordings of OC3 2026 (Open Confidential Computing Conference) are now available:
    youtube.com/playlist?list=PLEh

    #ConfidentialComputing #Cloud #CloudSecurity #AI

    #confidentialcomputing #cloud #cloudsecurity #ai
  46. Paul Meyer @[email protected] ·

    Recordings of OC3 2026 (Open Confidential Computing Conference) are now available:
    youtube.com/playlist?list=PLEh

    #ConfidentialComputing #Cloud #CloudSecurity #AI

    #ai #cloudsecurity #cloud #confidentialcomputing
  47. Paul Meyer @[email protected] ·

    Recordings of OC3 2026 (Open Confidential Computing Conference) are now available:
    youtube.com/playlist?list=PLEh

    #ConfidentialComputing #Cloud #CloudSecurity #AI

    #confidentialcomputing #cloud #cloudsecurity #ai
  48. NERDS.xyz – Real Tech News for Real Nerds [Unofficial] @[email protected] ·

    ExpressVPN launches ExpressAI, promising private AI chats that even it cannot read

    fed.brid.gy/r/https://nerds.xy

    #artificialintelligence #vpn #aiprivacy #confidentialcomputing #cure53audit #deepseekai
  49. NERDS.xyz – Real Tech News for Real Nerds [Unofficial] @[email protected] ·

    ExpressVPN launches ExpressAI, promising private AI chats that even it cannot read

    web.brid.gy/r/https://nerds.xy

    #artificialintelligence #vpn #aiprivacy #confidentialcomputing #cure53audit #deepseekai
  50. NERDS.xyz – Real Tech News for Real Nerds [Unofficial] @[email protected] ·

    ExpressVPN launches ExpressAI, promising private AI chats that even it cannot read

    web.brid.gy/r/https://nerds.xy

    #artificialintelligence #vpn #aiprivacy #confidentialcomputing #cure53audit #deepseekai