-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2016-08-19 11:58, kev27 wrote: >> Secure Encrypted Virtualization (SEV) integrates main memory encryption >> capabilities with the existing AMD-V virtualization architecture to >> support encrypted virtual machines. Encrypting virtual machines can help >> protect them not only from physical threats but also from other virtual >> machines or even the hypervisor itself. SEV thus represents a new >> virtualization security paradigm that is particularly applicable to cloud >> computing where virtual machines need not fully trust the hypervisor and >> administrator of their host system. > > http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/ > AMD_Memory_Encryption_Whitepaper_v7-Public.pdf > > https://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf > > Is this something Qubes OS could work with in the future to improve its > security on AMD Zen chips? Maybe something to keep an eye on. >
Sounds very interesting! This reminds me of what Joanna has written about Intel SGX.[1][2][3] FWIW, however, Joanna has also said: "We don't have much experience with AMD: neither research- nor testing-wise. Right now we have no resources to get acquainted."[4] I imagine that could be relevant to this. [1] http://blog.invisiblethings.org/2013/08/30/thoughts-on-intels- upcoming-software.html [2] http://blog.invisiblethings.org/2013/09/23/thoughts-on-intels- upcoming-software.html [3] http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf [4] https://twitter.com/rootkovska/status/756052459752128512 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXt2GHAAoJENtN07w5UDAwLuQP/3IkhRVoHpTogM4u5hUpzig+ ni7T69i8FQ5cfbqRQKZa60TY4TAwaWUUKMyAOkUb8gnO9NEFOXHspV8S4kowWq3C j1OvVrq/DjucsqTchcwVo1x6K+WJsES+Bn92B253YCfmRllYNsGf7Zeolcd0uyVE 6w6qSkWuoPTjOmdXCHWBllreDh2LlVvgL3FF7207TLRTEjV8BGPFndFzZ8NfNGSx 6F4Ss7X/WLi0XmA3asJXofOr9piOM3D86sy6W8yK8q1OosbO+WQFAlVrtruoh6FZ WBhurvmix2Yj9TGOyFvdTBDG+ctybBrA3VatwJT7pcjIZvSKp6BW6h9P7rGAg+af AvW+UKJFsPD72meS3jyrKNICbz+tAajHCAL4eVF9wltS/zighuWBoIpAugOwxHWu rIfdN9hmtkPtG7uc/IeJP5utq9GpsbcuN3BjB79dPRrAqGrylriHa4hUGPloSutO OmXyq9YQW2C+FxLLFcAlfenxZZh1Umg+APPN0IqDjfBdKUS3oOYKJIP0YO0SDJYF CIZcQRiTs0O/JuKfqGddMU5QzzdWJx5Z2mVV2oTp5ed2sjl1KYYWLAg0gc73mSYB jcyWeeFvOJiz3csoBobOTh4eLBXJXd/Nzskki5WxOl6qYB7xSi4Vle1qnOels4vz 2NgLEVxsaJGJSZvJ72FJ =uIAV -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/570f2e98-b342-b24a-7e0b-d3b734584417%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
