• 0 Posts
  • 13 Comments
Joined 1 year ago
cake
Cake day: September 12th, 2023

help-circle
  • andreluis034toLinux@lemmy.mlVPS encryption
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    If you have confidential compute(Intel TDX or AMD SEV) available from the cloud provider then it is feasible, provided you trust the CPU manufacturer. They should provide capabilities that allow you to perform remote attestation and ensure the virtual machine is running in the protected mode. Hypervisors running these types of machines usually can’t access the memory of the virtual machine, not even the registers.

    Of course, nothing guarantees there won’t be a vulnerability that breaks it(e.g. side channel attacks), but right now the technology exists where you can run software in the cloud, protected from the provider…












  • Even though my job title has “engineer” in it, I don’t agree that it should be considered an area of engineering.

    Yeah, me either. But I would expect one to know how to research the documentation to find out what it meant.

    I wouldn’t even expect most of them to this kind of research, no. On top of that, I see “engineering” also carrying some type of accountability and responsibility. For example, civil engineering, there are often regulatory bodies, codes, and standards that engineers must adhere to, and they are legally responsible for the safety and integrity of their projects. While in the software side of things, standards and best practices are more loose. Unless you’re working in safety critical industries (automotive, aviation, etc…), the “accountability structure” is completely different, if existent at all. Calling themselves Software developer or some derivate would make much more from my point of view.