eweekchat

Confidential Computing
JOIN US: This is a chat-based conversation about how a newly recognized trend in IT security that follows data all the way through the transom and protects it at every stage--including when it's processing. Join us!
   4 years ago
#eweekchatNext-Gen Cloud ServicesJOIN US: This is a chat-based conversation about new types of cloud (and cloud delivery) services, which are becoming more pervasive and diversified than ever. We are becoming more dependent on the cloud each day--especially during the COVID-19 pandemic. Join us!
   4 years ago
#eweekchatLegacy Company InnovationJOIN US: This is a chat-based conversation about how companies that have become standard providers are--or are not--continuing to be creative. New competitors are entering the markets all the time, so the pressure is on. Join us!
Bruce Kornfeld
A2: Very interesting concept. Edge and IoT typically means smaller and smaller form factors - but - with Moore's Law continuing, these TEE with hardware and chipsets are available even at the edge.
Jack Gold
In fact, TEE has been around in ARM chips (and x86) for years, trouble is, many vendors don't make use of it because they cut corners to save on costs
Bruce Kornfeld
Will we be able to defend against ALL new attack surfaces? well....CC will help...but I don't think you can ever say "All"
Jack Gold
Agreed. Its a leap frogging problem... I make a defensive move and you make one better...

(edited)

Dave Thaler
Agree, TEEs themselves don't address attacks like social engineering or physical theft. They must be paired with classic physical security appropaches.
Bruce Kornfeld
@jckgld agreed. we see that changing over the coming months and quarters.
Jack Gold
Yes, but we still will have legacy systems to deal with that are exposed, and that will remain with us for a long time...
Pete Jarvis
A core problem with edge and IOT is computational power. A key aspect is that you want to remove security observer overhead. This is something that is close to my heart ;-)
Bruce Kornfeld
More places to put up wall the better, right? But I do see your point about computational power. Intel/AMD/ARM should be solving that part of the equation - that's one of the things that keeps our industry advancing!
Pete Jarvis
Chuckle, it is a problem I work on, check out Moving target Defense - we approach the problem differently.
Bruce Kornfeld
Will do, Pete. Sounds interesting.
Chris Preimesberger
Q2: Will we still be able to defend all the new attack surfaces using this CC method in IoT, edge computing and mobile computing?
Rodrigue Hajjar
A2: We have been seeing more high profile attacks while data is being used (memory-scraping). Confidential computing helps alleviate some of that responsibility though I do think there are still important security practices for software engineers to use and keep in m
Chris Preimesberger
@rodrigue_ Good point, Rodrigue. Can you offer a couple of examples of those important security practices?
Jack Gold
It has to be a combined effort - both the HW and SW have to maximize security to make either work effectively
Pete Jarvis
A core problem today is that "An attacker only needs to find a single weakness to exploit all like systems." Why? All software today is distributed a single clone instance. This means that an exploit for one, will work for all of the same OS version.
Pete Jarvis
There is a gap today in security, the time between discovery of an exploit and its patching. That period is what we call the patch gap. You have no defense if connected to the internet.
Pete Jarvis
A great example of this was Dell, and Sonic wall - Dell didn't release a second patch and the hacker go into the Cayman Island bank. Dell is a leader in security threat mitigation, it took just one omission to gain access.

(edited)

Pete Jarvis
@TechnoPhobe01 The problem is not people, expertise or diligence or lax company processes. It is mathematics, in that it only takes one exploit to win as a cyber attacker.
Pete Jarvis
This is why data integrity and security is becoming so important.
Pete Jarvis
Read section 4 onwards https://pastebin.com/raw/XSsyUb0f

(edited)

https://pastebin.com/raw/XSsyUb0f
https://pastebin.com/raw/XSsyUb0f
Jack Gold
Exactly correct. And all the derivatives of the system are also exposed once a flaw is discovered. Often weak components make there way into systems for generations (Cisco routers had this issue)
Rodrigue Hajjar
For software engineers: Encrypt the data in storage, encrypt the data in transit. Don't re-invent the wheel with encryption, use existing proven protocols and mechanisms. I like to share this internally: https://github.com/OWASP/
https://github.com/OWASP/
OWASP
OWASP
The OWASP Foundation. OWASP has 747 repositories available. Follow their code on GitHub.
Bruce Kornfeld
so does this argument mean CC isn't as important?
Seth Knox
A5: The hyperscale cloud providers have all either announced or gone GA with #confidentialcomputing infrastructure this year. The chip manufacturers also have made major announcement/progress in CC hardware. So, the answer is yes.
Bruce Kornfeld
Agreed. Its either here or coming soon for all the cloud providers - customers want it and their on-prem systems will be next.
Seth Knox
A2. IoT, mobile, Key/Secretes Management, Multi-party computation, public cloud apps, PoS devices are all good use cases for confidential computing. This white paper from the @confidentialC2 is a good resource on the use cases https://confidentialcomputing.io/white-papers/
Pete Jarvis
One of the core problems I feel we have at the moment is the idea of certification of the stack. I have a list of certificates that I trust - great. If I can insert myself into that certificate chain - I am fox in a hen house. :-)
Pete Jarvis
@TechnoPhobe01 Consider, Apple they certified malware as OK, at that point I am very happy that you trust me.
Pete Jarvis
The example I use is "rm -rf *", in one context that is a good commend, in another it is a very bad commend. Can we train and AI system or monitoring system to distinguish which is which? :-)

(edited)

Chris Preimesberger
Q1 addendum: So CC (shortcut!) means protecting data from creation to cold storage, and everything in between. Isn't that what we're doing right now?
Bruce Kornfeld
"from creation to cold storage" is very broad. Until CC, protecting data while its being computed wasn't commonplace or easy to do.
Chris Preimesberger
@brucekornfeld Thanks for the alignment in terminology! CC, then really involves data in creation and in transit. Fair statement?
Bruce Kornfeld
Yes - a TEE (Trusted Execution Environment) could include both data in movement and creation, but the common denominator is that its about computing - inside a computer. Data in transit outside the box is protected in other ways.
Pete Jarvis
A problem we increasingly see is the creation of false data. You have to be able to verify the data has not been tampered with.
Pete Jarvis
@TechnoPhobe01 Consider for example, sensor data that we use to model a large system. We have to be able to verify the data has not been tampered with. The Iraq nuclear hack copied the data from the system then played it back. Meanwhile increasing rotation speed.
Rodrigue Hajjar
Nicely said @brucekornfeld .
Client <--We know how to transit data securely--> Server <--We know how to store securely--> DB
We have had secure enclaves on smartphones for a while now.
CC is a good addition to the server piece, whenever we need to work with data.
Chris Preimesberger
Thank y'all for coming. Be safe out there, drive carefully, and wear a mask!
Chris Preimesberger
Mark your calendar: Next #eWEEKchat is Tuesday, Oct. 13: "How Legacy Companies Are Still Innovating"
Bruce Kornfeld
Final Thoughts: CC is another example of how the security industry is still in its infancy even though
we've been going at it for years, trying to protect organizations information. CC was birthed thanks to hardware/chip developers and now its time for sw to bring it home!
Rodrigue Hajjar
A5: Cloud providers are making it easy to spin up new confidential compute instances. Popular tools are already being worked on to take advantage of running on TEE.
Rodrigue Hajjar
A5: I do hope to see a world where "confidential computing" is enabled by default at every cloud provider. From the performance benchmarks we're seeing from different providers, the drawbacks seem fairly limited.
Rodrigue Hajjar
A5: When we talk about our personal data, whether it’s messages sent to our loved ones, financial records, or health records, I expect my data to be handled securely. When using Face ID, Apple doesn't ask the user "do you want to use the Secure Enclave to protect your face map?"
Pete Jarvis
Subject to computational cost my sense is that yes this will happen. CC is something where the building blocks exist.
Chris Preimesberger
Q4: Data integrity is one of my favorite IT topics. If your blood is healthy, chances are your body is healthy; same with an IT system and its bloodflow, data. Is clean data of any consequence to CC?
Jack Gold
Corrupted data can't be fixed by security components in HW
Pete Jarvis
So Apple (I believe) do this, they use the T2 chip to monitor the core OS, if a core file is changed they put back the old file.