Search Mailing List Archives
[liberationtech] Hardened servers, new hope for federation?
steveweis at gmail.com
Fri May 23 17:08:35 PDT 2014
Hello Carlo. PrivateCore is my company and ironically your libtech message
was flagged as spam in my inbox.
You are correct that today's technology reduces the trust to the CPU and,
for now, the TPM. I view that a significant improvement compared to having
to trust all components, like network cards or memory modules.
I hope to eliminate dependence on the TPM with developments in the next 1-2
years. As for eliminating the need to trust the CPU, that is a much longer
endeavor, at least for general purpose use cases.
On May 5, 2014 5:21 AM, "carlo von lynX" <lynX at time.to.get.psyced.org>
> Somebody sent me this link.. http://privatecore.com/vcage/
> but you don't need to follow the link as I summarize:
> vCage is a proprietary Linux-based technology that uses
> proprietary Intel hardware features to ensure that only
> the owning company can remotely access a cloud server..
> any person from a local computing center in whichever
> country, armed with screwdriver and bus access tools
> doesn't get to see much of anything.
> In fact the RAM encryption is pretty stunning technique,
> and some other aspects of the thing as well. So this is
> great news for any American cloud computing company.
> For us instead this technology only reduces the trust
> from dozens of computing centers and companies to just
> three of them: Intel, privatecore and the web site itself.
> When we input our social communications we are expected
> to trust these three, and our plain text data to flow
> over the Internet in near perfect safety.
> Edward has taught us, that everything that is feasible
> must be presumed to be being done, thus we should expect
> backdoors in Intel's CPUs large enough to allow access
> and remote control of these cloud computing devices even
> in the face of vCage, allowing an outside attacker that
> knows the magic phrase to run searches in decrypted memory
> and possibly file systems, all within the elegant built-in
> administration website that comes with Intel's AMT.
> Thus, no reason to lower the guard and welcome federation
> thinking, even if privatecore chose to let us recompile
> our own vCage from source. As long as private data is on
> a server in the clear, it is out of reach for safety.
> So far my opinion. Anything out there to challenge it?
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech