Hacker News
How we built EGo (edgeless.systems)
59 points by m1ghtym0 3 days ago | 9 comments

Any plans for also supporting AMD SME?

AMD SME protects against physical access attacks. To my knowledge, no process-based enclave solution was presented by AMD based on SME. Instead, AMD went the route of VM-based enclaves in the form of SEV. Intel is following this direction with TDX. The concept of VM-based enclaves is slightly different and trades a larger Trusted-Computing-Base (TCB) for better lift-and-shift. You could run unmodified Go applications in your SEV/TDX VM, so there is no need for EGo in this context. Potentially we'll add attestation features for SEV/TDX for our enclave- and client-libraries that are part of EGo. Here is a (slightly outdated) comparison of SGX and SME/SEV: https://caslab.csl.yale.edu/workshops/hasp2018/HASP18_a9-mof...

"Confidential computing" uses Medium for blogs.

"Confidential computing" uses a cookie popup that only has "save" and "accept all" options, with "analytics" enabled by default.

What are you trying to say, exactly? "Confidential computing" doesn't _use_ anything, it's a technology for working with encrypted data, mate.

The people who are trying to sell you "confidential computing" are somehow unaware of data collection on Medium and use dark patterns to make you agree to collecting analytics.

What else are they unaware of?

Yes, because if you don't solve all the privacy problems at once, don't do anything at all /s

You don't have to solve all the privacy problems to not display a borderline dark pattern cookie dialog.

Or to not use Medium.

If you claim to care about "confidential computing" and whatnot, one would expect that you have basic hygiene in other places outside your claim.

On the flip side, are you missing out on some fundamental privacy knowledge by not knowing and sharing information about confidential computing? You are evangelizing privacy (a great thing) but seem to have determined one aspect is crucial, regardless of the possible importance of this other aspect. What I'm saying is: what if avoiding Medium is a drop in the privacy hygiene pond and confidential computing is the pond itself?

I don't think I am knowledgeable enough to answer my question or even validate its premise, but I do think it's unfair to dismiss this information simply because it was published on Medium. And when it comes down to it, we have tools like archive.is, which I believe avoid any privacy-related qualms with Medium: https://archive.is/wUCRe

> but seem to have determined one aspect is crucial, regardless of the possible importance of this other aspect.

No. I haven't determined one aspect crucial. It's kinda "bathrooms at a restaurant" thing: if the bathrooms at an otherwise spotless restaurant are dirty, are we to assume that it's just "not all aspects of cleanliness have to be solved"?
