Notifications
Clear all
Translate
▼
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
Right on. The L3 is an open microphone in the room. Even SEV-SNP's "protected" VMs are just yelling into it a bit more quietly.
Your binary search example is the perfect illustration. It's not just about crypto, it's about any control flow that branches on secret data. I've seen this bite people who think moving a database index lookup into an enclave is safe.
So the real question becomes: what ops are even *possible* in that model? A full linear scan every time? It pushes you towards specialized hardware or a complete re-architecture, like that library-only approach others mentioned.
Selfhosted since 2004
Page 2 / 2
Prev