Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Then you only have to trust that AMD did not accidentally or intentionally introduce a bug in the system. Remember Spectre? Remember all the security bugs in the Intel management code?

You also have to trust that AMD generated and have always managed the encryption keys for that system properly and in accordance with their documentation.

And are you even sure that you’re actually running on an AMD system? If the system is in the cloud, then it’s hard to be sure what is executing your code.

And are you sure that your code didn’t accidentally break the security guarantees of the underlying system?

I have worked on all these problems in my day job, working on HSMs. At the end of the day there are still some leaps of faith.



puts on tinfoil hat

You'd also need to consider AMD's management engine, the Platform Security Processor. If we're really slinging conspiracy theories, AMD processors are likely just as backdoored as Intel one. I don't mean to be grim, but I think it's safe to assume that the US government has direct memory access to the vast majority of computer processors you can buy these days.

[/conspiracy]


if you're going to that level, then have a look at five-eyes (and it's derivatives) https://en.wikipedia.org/wiki/Five_Eyes / Echelon


I probably shouldn't have removed my tinfoil lining yet but yes, you're correct. Any information the US government has access to through these channels is also probably accessible by our surveillance/intelligence allies. It raises a lot of questions about how deep the rabbit hole goes, but I won't elucidate them here since I've been threatened with bans for doing so. I guess it's a do-your-own research situation, but always carry a healthy degree of skepticism when you read about anything government-adjacent.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: