PPC LandReddit and Anonym's data deal: no first-party data leaves, ever: Anonym and Reddit today announced a privacy-safe measurement partnership using confidential computing, marking Anonym's fourth major platform deal in under a year. https://ppc.land/reddit-and-anonyms-data-deal-no-first-party-data-leaves-ever/ #Reddit #Privacy #DataProtection #Anonym #ConfidentialComputing
https://purl.org/rzr#https://xenproject.org/resources/spring-meetup-2026/# #xen #XenSpringMeetup focus on #virtualization #automotive #safety #confidentialComputing and more
Paul MeyerRecordings of OC3 2026 (Open Confidential Computing Conference) are now available:
https://www.youtube.com/playlist?list=PLEhAl3D5WVvSqGrHPmtH9aHly3n2bwkYk
OC3 2026
NERDS.xyz – Real Tech News for Real NerdsExpressVPN launches ExpressAI, promising private AI chats that even it cannot read
https://fed.brid.gy/r/https://nerds.xyz/2026/03/expressvpn-expressai-private-ai/
Moritz SanftMy colleague Paul (@katexochen) has done a great write-up of how a malicious host (e.g. cloud provider) can trivially compromise confidential VMs, and how we mitigated the attack at Edgeless Systems. Read his blog post: https://lobste.rs/domains/katexochen.aro.bz
#security #confidentialcomputing #firmware
#security #confidentialcomputing #firmware
BadAML exploits host-supplied ACPI tables to get arbitrary code execution inside confidential VMs. We reproduced the attack end-to-end against our stack and built an AML sandbox to stop it. I did a writeup on the original paper that published the attack, our reproducer, and our journey to fix it.
Reproducing and mitigating BadAML
BadAML is an attack that exploits host-supplied ACPI tables to gain arbitrary code execution inside confidential VMs, bypassing their memory isolation guarantees. Working on Contrast, we reproduced the attack end-to-end against our stack and mitigated it with an AML sandbox that restricts bytecode execution to shared memory pages. On untrusted ground: Protecting guests with confidential computing Confidential Computing (CC) is a paradigm that aims to protect trusted workloads on an untrusted, remote platform. Using Trusted Execution Environments (TEEs) and their two basic primitives, memory isolation and remote attestation, it can secure a confidential workload in a hostile environment, protecting against a potentially malicious infrastructure provider1 or platform operator. Today, TEEs most commonly come in the form of confidential virtual machines (CVMs), which are isolated from the host and other VMs through a set of ISA extensions and chip properties provided by the CPU vendor (AMD SEV-SNP, Intel TDX, ..).
Kevin SaltCongratulations. This is another major step forward in the battle to tame the EU AI Act Compliance beast. Accountable Hardware meets sovereign Cloud.
We should have a chat (soon) about structured indexing of large unstructured datasets. I have some novel. and very fast, tools under development right now.
#DigitalSovereignty #EUAIAct #SovereignCloud #OCIS #ConfidentialComputing #DigitalForensics #IPCEICIS #OpenSource #DataIntegrity #StructuredIndexing
OpenCloudWe're excited to be working with real-cis. Together, we're building a solid foundation to ensure OpenCloud can be operated securely and transparently even in environments with increased security requirements, from the platform right through to the operating environment.
Find out more on the blog: https://opencloud.eu/en/news/partnership-opencloud-and-real-cis
#DigitalSovereignty #ConfidentialComputing #ITSecurity #KRITIS #OpenSource
Wir freuen uns auf die Zusammenarbeit mit real-cis. Gemeinsam schaffen wir eine Basis, um OpenCloud auch dort sicher und nachvollziehbar zu betreiben, wo erhöhte Schutzanforderungen gelten, von der Plattform bis zur Ausführungsumgebung.
Erfahren Sie mehr dazu im Blog: https://opencloud.eu/de/news/partnerschaft-opencloud-und-real-cis
#DigitaleSouveränität #ConfidentialComputing #ITSecurity #KRITIS #OpenSource
Thomas Fricke (he/his)Using #confidentialcomputing for #mcp is #trustwashing
I coin this term here ™️
