Post 9yDVAtR0p5YttNEPqa by cynicalsecurity@bsd.network
 (DIR) More posts by cynicalsecurity@bsd.network
 (DIR) Post #9yDVAtR0p5YttNEPqa by cynicalsecurity@bsd.network
       2020-08-17T10:14:17Z
       
       0 likes, 1 repeats
       
       Intel publishes yet another security extension, this time it is called “TDX” for “Trust Domain Extensions” and, in Intel’s own words, "introducing new, architectural elements to deploy hardware-isolated, virtual machines (VMs) called trust domains (TDs). Intel TDX is designed to isolate VMs from the virtual-machine manager (VMM)/hypervisor and any other non-TD software on the platform to protect TDs from a broad range of software.”It is clearly aimed at “the cloud” to try and address…
       
 (DIR) Post #9yDVBCp6jj7q1beQXg by cynicalsecurity@bsd.network
       2020-08-17T10:18:55Z
       
       0 likes, 1 repeats
       
       concerns regarding the fact that, ultimately, anything running on a hypervisor is at the mercy of the hypervisor.This was addressed back in the ‘60s by IBM’s LPARs on mainframes where the hardware-based virtualisation ensured that each LPAR not only felt like a separate machine but actually was from a hardware isolation perspective.I tried hacking LPARs for years and failed, I count it as one of my most important failures because of all the techniques I learned while failing:flan_greybeard:​