New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
-
Another month, another Intel vulnerability
by naing ·and the entertainment business, it also includes SGX and its "secure cloud computing" scheme. -
Yet another serious attack on/vuln. of intel CPUs - "EchoLoad"
by jsg ·One might have a discussion on that and I even might agree to a large degree - but SGX is a decisive security device for many, it's about the best they have/had for some secure volatile storage. -
Yet another serious attack on/vuln. of intel CPUs - "EchoLoad"
by naing ·SGX is a rubbish to begin with. It's a glorified DRM at best. -
Yet another serious attack on/vuln. of intel CPUs - "EchoLoad"
by jsg ·Answer: Look at why KASLR was developed and deployed. Also read OP again (hint: e.g. SGX). -
Yet another serious attack on/vuln. of intel CPUs - "EchoLoad"
by jsg ·* The attack also works in restricted environments such as SGX -
New very serious intel processors vulnerability [CacheOut]
by jsg ·(Quote) -
Intel did it again? New Plundervolt Attack Impacts Intel Desktop, Server, and Mobile CPUs
by jsg ·Yes, AMD Epyc is more secure for servers than intels SGX. Does that mean intel is all but dead ("Game over")? I have doubts. -
AMD vs Intel - security primer
by jsg ·Intels SGX addresses mostly the first one and to a small degree the second one. AMD clearly addresses the third one - which is the context we care about here. -
Intel did it again? New Plundervolt Attack Impacts Intel Desktop, Server, and Mobile CPUs
by perennate ·Sounds like it is because SGX is supposed to prevent exposing data in exactly this scenario (where another app has root privilege). Some kind of hardware-level isolation according to the zdnet article -
Hetzner announces SX61 storage server refresh and hosted nextcloud
by willie ·If you really have super sensitive data that has to withstandard physical intrusion (e.g. the signing keys for a CA) normally you would wrap it in tamper reactive crypto hardware. You could put somet -
Which VPS Providers have Modern CPU's on their plan
by willie ·Please use https://www.lowendtalk.com/search?Search=sgx before posting requests like that. -
Which VPS Providers have Modern CPU's on their plan
by sureiam ·Could you link me to the SGX thread please. Think I missed that one. -
Which VPS Providers have Modern CPU's on their plan
by willie ·Hetzner has Epyc dedis and I've thought of using SEV for something. On a VPS the concept is more dubious, per the SGX thread. -
Anybody offering SGX-enabled VPS?
by willie ·Hmm ok I better check the SGX docs, but I thought it usually involved a certificate from the individual unit (something like an HSM serial number). So there wouldn't be a way for a host to make 1000s -
Anybody offering SGX-enabled VPS?
by willie ·No. Virtual servers are virtualized (that's why they call them virtual) and all the hardware is emulated (thus the EMU in QEMU) as far as you can tell. That includes the SGX. There is no way to kn -
Anybody offering SGX-enabled VPS?
by lmerino ·Well, not exactly. That's the whole point of SGX: nothing but your enclave has access to your data. Not ring0, nor bios, etc. But, if by "could control it" you mean it can DoS your e -
Anybody offering SGX-enabled VPS?
by willie ·Um it would sort of defeat the purpose since the vps host could control it. Plus SGX seems more and more bogus in the face of attacks like Spectre. SGX only makes even minimal sense on a dedi, and -
Anybody offering SGX-enabled VPS?
by lmerino ·Last few generations of Intel CPUs support SGX, a set of extensions for secure computing. -
Which VPS Providers have Modern CPU's on their plan
by teamacc ·(Quote) -
Which VPS Providers have Modern CPU's on their plan
by inklight ·(Quote)
