Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Releases Open Source Framework For Building 'Enclaved' Apps For Cloud (arstechnica.com)

Posted by BeauHD on from the lock-it-up dept.

An anonymous reader quotes a report from Ars Technica: Today, Google is releasing an open source framework for the development of "confidential computing" cloud applications -- a software development kit that will allow developers to build secure applications that run across multiple cloud architectures even in shared (and not necessarily trusted) environments. The framework, called Asylo, is currently experimental but could eventually make it possible for developers to address some of the most basic concerns about running applications in any multi-tenant environment. Container systems like Docker and Kubernetes are designed largely to allow untrusted applications to run without exposing the underlying operating system to badness. Asylo (Greek for "safe place") aims to solve the opposite problem -- allowing absolutely trusted applications to run "Trusted Execution Environments" (TEEs), which are specialized execution environments that act as enclaves and protect applications from attacks on the underlying platform they run on.

10 of 21 comments (clear)

  1. I read that... by b0s0z0ku · · Score: 4, Funny

    I read that as "enslaved" at first. Which is a good metaphor for the cloud: your data, held hostage on someone else's computer.

  2. sounds absolutely fascinating! by rogoshen1 · · Score: 3, Insightful

    i'm exceedingly interested in trying this out for a few months until google pulls the plug and discontinues it.

  3. "Docker and Kubernetes" by greenwow · · Score: 2

    Which are less secure than true vms. There's a reason companies that care about security use real vms instead.

    1. Re:"Docker and Kubernetes" by llamalad · · Score: 3, Informative

      Which companies are these? And are they hiring?

      Everywhere I look it seems like I only see shops that are drinking the kubernetes Kool Aid.

    2. Re:"Docker and Kubernetes" by K.+S.+Kyosuke · · Score: 1

      So VMS is more alive than BSD?

      --
      Ezekiel 23:20
    3. Re:"Docker and Kubernetes" by phantomfive · · Score: 2

      Yeah, Docker is built for running trusted software, not untrusted software.

      If you want to run untrusted software, VMware was designed for that.......but doesn't do a great job. If you're running Linux, it's not hard to set up your own container. If you're using BSD, you can set up a jail.

      --
      "First they came for the slanderers and i said nothing."
    4. Re:"Docker and Kubernetes" by phantomfive · · Score: 1, Informative

      When I see a company that is deploying docker containers on AWS, I see a company that has a shitty build system. They can't write simple scripts to install software (and the key is to keep them simple).

      This is especially true because on AWS you already start with images in a known state, you don't have a lot of special cases here (which would be the case if you were deploying to end-user desktop machines). I guess most programmers have trouble figuring stuff out or something.

      --
      "First they came for the slanderers and i said nothing."
    5. Re: "Docker and Kubernetes" by phantomfive · · Score: 1

      Yeah, I still think your build and deploy process sucks. If it can't handle minor differences in environment it's too fragile.

      --
      "First they came for the slanderers and i said nothing."
  4. I should probably be more careful what I smoke. by Hognoxious · · Score: 1

    That kind of got me thinking. What would happen if Netcraft died?

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  5. Opensource DRM is still defective by design by ezdiy · · Score: 1

    Google has realized they need to get back their control over Android, and DRM is their golden ticket. So what is TEE and pals?

    Each CPU has a burned in public key. A publisher can encrypt binary specifically for the public key of yours, and such a blob will run only and only on a CPU with burned in private key, like sort of smartcard on steroids. This can be paired with remote attestation and what not, but it's no different from, say, CPU, acting as your SIM card (which is actually one of such use cases). In smart card industry we call this a "secure element".

    While not "mandatory" now, it starts to creep in. The google safenet feature which uses this can now attest to applications whether the device supports TEE or not, and vendors slowly nudge into buying DRM capable devices through planned obsolescence.

    Can this be broken? Of course, this isn't legit ZK computing with actual grounds in cryptography. It's semantically no different from a smart card, and you can dump your private key with enough effort. Needless to say, if you distribute a jailbreak consisting of emulator for a key of some CPU, the simcard will be prompty blacklisted and all "cloud" features cease to function (ie works only to fool applications which stay offline).

    Why is that bad? The computer is no longer yours. Jailbreaks become pretty much infeasible and you have zero control over what's running on your device, only the CPU vendor has full control over "ring -2". A perfect walled garden, and ranchers have the perfect cattle marking stamps too.