Google Releases Open Source Framework For Building 'Enclaved' Apps For Cloud

An anonymous reader quotes a report from Ars Technica: Today, Google is releasing an open source framework for the development of "confidential computing" cloud applications -- a software development kit that will allow developers to build secure applications that run across multiple cloud architectures even in shared (and not necessarily trusted) environments. The framework, called Asylo, is currently experimental but could eventually make it possible for developers to address some of the most basic concerns about running applications in any multi-tenant environment. Container systems like Docker and Kubernetes are designed largely to allow untrusted applications to run without exposing the underlying operating system to badness. Asylo (Greek for "safe place") aims to solve the opposite problem -- allowing absolutely trusted applications to run "Trusted Execution Environments" (TEEs), which are specialized execution environments that act as enclaves and protect applications from attacks on the underlying platform they run on.

I read that...

[b0s0z0ku]

I read that as "enslaved" at first. Which is a good metaphor for the cloud: your data, held hostage on someone else's computer.

sounds absolutely fascinating!

[rogoshen1]

i'm exceedingly interested in trying this out for a few months until google pulls the plug and discontinues it.

"Docker and Kubernetes"

[greenwow]

Which are less secure than true vms. There's a reason companies that care about security use real vms instead.

Re:"Docker and Kubernetes"

[llamalad]

Which companies are these? And are they hiring?

Everywhere I look it seems like I only see shops that are drinking the kubernetes Kool Aid.

Re:

[phantomfive]

When I see a company that is deploying docker containers on AWS, I see a company that has a shitty build system. They can't write simple scripts to install software (and the key is to keep them simple).

This is especially true because on AWS you already start with images in a known state, you don't have a lot of special cases here (which would be the case if you were deploying to end-user desktop machines). I guess most programmers have trouble figuring stuff out or something.

Re: "Docker and Kubernetes"

[phantomfive]

Yeah, I still think your build and deploy process sucks. If it can't handle minor differences in environment it's too fragile.

Re:

[K. S. Kyosuke]

So VMS is more alive than BSD?

I should probably be more careful what I smoke.

[Hognoxious]

That kind of got me thinking. What would happen if Netcraft died?

Re:

[phantomfive]

Yeah, Docker is built for running trusted software, not untrusted software.

If you want to run untrusted software, VMware was designed for that.......but doesn't do a great job. If you're running Linux, it's not hard to set up your own container. If you're using BSD, you can set up a jail.

Opensource DRM is still defective by design

[ezdiy]

Google has realized they need to get back their control over Android, and DRM is their golden ticket. So what is TEE and pals?

Each CPU has a burned in public key. A publisher can encrypt binary specifically for the public key of yours, and such a blob will run only and only on a CPU with burned in private key, like sort of smartcard on steroids. This can be paired with remote attestation and what not, but it's no different from, say, CPU, acting as your SIM card (which is actually one of such use cases)