Analysis: As cloud service providers increasingly look to x86 architecture alternatives, Intel and AMD are trying to find ways to gain or hold favor in the market – and this includes baking in security features and forming services and partnerships.
Both semiconductor giants announced cloud security initiatives this week. At the Intel Vision event on Wednesday, Intel revealed its Project Amber remote verification service for cloud providers, among other things. A day before, Google Cloud detailed a collaboration with AMD to harden the security of the chip designer's Epyc processors.
The dueling efforts both revolve around confidential computing, which aims to protect sensitive data by encrypting it in memory using hardware-based so-called trusted execution environments, also known as secure enclaves, which are provided by the latest server chips from Intel and AMD. This technology is backed by industry players, including Arm, which too has confidential computing in its architecture.
At the heart of confidential computing is the desire to protect sensitive data and code from not only other software and users on a cloud server but also the administrators of the machine. It's aimed at customers who want to process information off-premises and be assured that not even a rogue insider, or a compromised or malicious hypervisor or system software component, at the remote datacenter can interfere with or spy on that data.
While Intel has historically been the dominant fabricator of CPUs for cloud providers, the company's manufacturing missteps have allowed AMD to steal market share and double its cloud business for several quarters with faster, higher-core-count processors fabbed by TSMC.
Now that Intel is working to regain technology leadership as part of an ambitious comeback plan, the two rivals are facing a threat in the form of cloud providers adopting alternative chip architectures, primarily Arm, to provide faster and more efficient services.
It is against this backdrop that Intel on Wednesday announced Project Amber, a software-as-a-service offering that acts as an independent authority for remotely verifying the trustworthiness of a confidential computing environment in cloud and edge infrastructure.
Intel plans to offer Project Amber as a multi-cloud service that supports multiple kinds of secure enclaves accessible from bare-metal containers, virtual machines, and containers in VMs.
The initial version will only support secure enclaves protected by the Intel Software Guard Extensions (SGX) feature, natch, which debuted in mainstream Xeon processors last year with the launch of Intel's much-delayed Ice Lake server chips. The chipmaker said it hopes to extend coverage to enclaves provided by other companies in the future.
Intel plans to build a software ecosystem around the service, saying its staff are working with independent software vendors to build services on top of Project Amber, which will be managed by software tools and APIs.
Among the other security announcements made at the Intel Vision event, Intel CTO Greg Lavender said his employer plans to enable "seamless firmware updates" in future Xeon microprocessors.
This means datacenter operators won't have to restart boxen to apply firmware updates, which Lavender said is a big deal for cloud providers that manage large fleets of servers. The process will require applications to be suspended, however.
"Those requirements came from the cloud vendors because they have to patch [at a] very large, large scale every day. And so you can't afford to be rebooting all these machines. You have to just do seamless upgrades," he said.
Intel also announced that it is developing a "rich cryptography technology pipeline" that will protect against quantum computer attacks. The company said these efforts include the built-in cryptography acceleration that was introduced in last year's third-generation Xeon Scalable processors.
In Wednesday's Intel Vision keynote, Intel CTO Greg Lavender called Project Amber a "trust-as-a-service solution" and said it establishes trustworthy environments through the process of attestation so that users can feel safe running "sensitive, mission critical data" in the cloud.
"In this architecture, the attestation authority is no longer linked to the infrastructure provider. This decoupling helps provide objectivity and independence to enhance trust assurance to users and application developers," said Lavender, who leads Intel's software organization.
Intel is expected to run a pilot for Project Amber with select customers later this year. A spokesperson declined to provide details of how it plans to monetize Project Amber, but with its SaaS slant, we suspect it could join the chipmaker's expanding portfolio of commercial software products that CEO Pat Gelsinger hopes will make Intel more competitive.
Lavender said Intel is working to make it easier for companies to use Intel SGX with an open-source project called Gramine that enables developers to run unmodified Linux applications in SGX enclaves. This is important, because the feature has historically required developers to modify the code of applications to make use of SGX, which has created obstacles for wider industry adoption.
"Gramine provides a 'push button' method for easily protecting applications and data. This means a faster, more secure and more scalable end-to-end security solution with minimal effort," Lavender said.
While Intel introduced SGX all the way back in 2013, AMD beat its rival to the datacenter market with the first mainstream server CPUs to incorporate confidential computing capabilities with the debut of its Epyc family in 2017. AMD then made things more viable for cloud providers by significantly increasing the number of encryption keys in the second generation of Epyc in 2019.
The fact that AMD was the only chip designer at the time with confidential computing capabilities in mainstream server CPUs was one of the main reasons Google Cloud ended up choosing AMD over Intel to power its Confidential Virtual Machines product, which launched in 2020.
Google Cloud said ease of use and low performance impact were two other reasons it chose AMD's Secure Encrypted Virtualization (SEV), the main feature enabling confidential computing capabilities in Epyc. Despite the expansion of Intel SGX in mainstream Xeon processors in 2021, Google Cloud has yet to adopt SGX for new products in its Confidential Computing portfolio.
Instead, the cloud provider has deepened its partnership with AMD through a collaborative, in-depth security review of Epyc's security capabilities, which was announced on Tuesday. The review allowed the chip designer to identify and fix vulnerabilities in the secure coprocessor that enables SEV and other confidential computing features in Epyc chips.
The results of that technical review are here, and it revealed 19 security weaknesses, which were addressed by AMD in patches that were released over the past months.
The audit is a big deal because it required AMD to give Google Cloud's security teams access to the chip designer's proprietary firmware and hardware components so that researchers could scrutinize every detail of AMD's implementation and devise custom tests.
After all, there have been plenty of times when independent researchers have uncovered flaws in both Intel SGX and AMD SEV on their own, so AMD has incentive to work with a cloud provider that is buying a substantial amount of its processors.
Google Cloud conducted the review as it seeks to expand its Confidential Computing portfolio, and the cloud provider said the audit gave it the confidence that such products meet an "elevated security bar" as its Confidential VMs are now "protected against a broad range of attacks."
"At the end of the day, we all benefit from a secure ecosystem that organizations rely on for their technology needs and that is why we're incredibly appreciative of our strong collaboration with AMD on these efforts," said Royal Hansen, a security engineering veep at Google.
While Intel has yet to win over Google Cloud with SGX, the semiconductor giant's confidential computing capabilities have been adopted by Microsoft Azure and IBM, among smaller infrastructure providers. Azure and IBM have also bought into AMD's competing features.
With one research firm estimating the confidential computing market to reach $54 billion by 2026, the latest efforts by Intel and AMD underline how both companies view the underlying technology as an important way to win favor with cloud providers in the future. And they're no doubt getting ready for other chip vendors to enter the fray with their own capabilities. ®
Intel did introduce SGX in the company's Xeon E CPUs for entry-level servers in 2017, but they were only made for single-socket servers, and they were not part of the mainstream Xeon Scalable lineup.