eweekchat

In fact, TEE has been around in ARM chips (and x86) for years, trouble is, many vendors don't make use of it because they cut corners to save on costs

Will we be able to defend against ALL new attack surfaces? well....CC will help...but I don't think you can ever say "All"

Agreed. Its a leap frogging problem... I make a defensive move and you make one better...

(edited)

Agree, TEEs themselves don't address attacks like social engineering or physical theft. They must be paired with classic physical security appropaches.

@jckgld agreed. we see that changing over the coming months and quarters.

Yes, but we still will have legacy systems to deal with that are exposed, and that will remain with us for a long time...

A core problem with edge and IOT is computational power. A key aspect is that you want to remove security observer overhead. This is something that is close to my heart ;-)

More places to put up wall the better, right? But I do see your point about computational power. Intel/AMD/ARM should be solving that part of the equation - that's one of the things that keeps our industry advancing!

Chuckle, it is a problem I work on, check out Moving target Defense - we approach the problem differently.

Will do, Pete. Sounds interesting.

A2: We have been seeing more high profile attacks while data is being used (memory-scraping). Confidential computing helps alleviate some of that responsibility though I do think there are still important security practices for software engineers to use and keep in m

@rodrigue_ Good point, Rodrigue. Can you offer a couple of examples of those important security practices?

It has to be a combined effort - both the HW and SW have to maximize security to make either work effectively

A core problem today is that "An attacker only needs to find a single weakness to exploit all like systems." Why? All software today is distributed a single clone instance. This means that an exploit for one, will work for all of the same OS version.

There is a gap today in security, the time between discovery of an exploit and its patching. That period is what we call the patch gap. You have no defense if connected to the internet.

A great example of this was Dell, and Sonic wall - Dell didn't release a second patch and the hacker go into the Cayman Island bank. Dell is a leader in security threat mitigation, it took just one omission to gain access.

(edited)

@TechnoPhobe01 The problem is not people, expertise or diligence or lax company processes. It is mathematics, in that it only takes one exploit to win as a cyber attacker.

This is why data integrity and security is becoming so important.

Read section 4 onwards https://pastebin.com/raw/XSsyUb0f

(edited)

Exactly correct. And all the derivatives of the system are also exposed once a flaw is discovered. Often weak components make there way into systems for generations (Cisco routers had this issue)

For software engineers: Encrypt the data in storage, encrypt the data in transit. Don't re-invent the wheel with encryption, use existing proven protocols and mechanisms. I like to share this internally: https://github.com/OWASP/

so does this argument mean CC isn't as important?

Agreed. Its either here or coming soon for all the cloud providers - customers want it and their on-prem systems will be next.

One of the core problems I feel we have at the moment is the idea of certification of the stack. I have a list of certificates that I trust - great. If I can insert myself into that certificate chain - I am fox in a hen house. :-)

@TechnoPhobe01 Consider, Apple they certified malware as OK, at that point I am very happy that you trust me.

The example I use is "rm -rf *", in one context that is a good commend, in another it is a very bad commend. Can we train and AI system or monitoring system to distinguish which is which? :-)

(edited)

"from creation to cold storage" is very broad. Until CC, protecting data while its being computed wasn't commonplace or easy to do.

@brucekornfeld Thanks for the alignment in terminology! CC, then really involves data in creation and in transit. Fair statement?

Yes - a TEE (Trusted Execution Environment) could include both data in movement and creation, but the common denominator is that its about computing - inside a computer. Data in transit outside the box is protected in other ways.

@brucekornfeld Agreed

A problem we increasingly see is the creation of false data. You have to be able to verify the data has not been tampered with.

@TechnoPhobe01 Consider for example, sensor data that we use to model a large system. We have to be able to verify the data has not been tampered with. The Iraq nuclear hack copied the data from the system then played it back. Meanwhile increasing rotation speed.

Nicely said @brucekornfeld .
Client <--We know how to transit data securely--> Server <--We know how to store securely--> DB
We have had secure enclaves on smartphones for a while now.
CC is a good addition to the server piece, whenever we need to work with data.

A5: I do hope to see a world where "confidential computing" is enabled by default at every cloud provider. From the performance benchmarks we're seeing from different providers, the drawbacks seem fairly limited.

A5: When we talk about our personal data, whether it’s messages sent to our loved ones, financial records, or health records, I expect my data to be handled securely. When using Face ID, Apple doesn't ask the user "do you want to use the Secure Enclave to protect your face map?"

Subject to computational cost my sense is that yes this will happen. CC is something where the building blocks exist.

Corrupted data can't be fixed by security components in HW

So Apple (I believe) do this, they use the T2 chip to monitor the core OS, if a core file is changed they put back the old file.