
…same image. Hence this is what happens here: if this new mode is enabled via --el-torito=yes, then the ESP of the disk image becomes available both as a 512b sector ESP, and as a 2048b sector ISO9660 El-Torito boot file system.

TLDR: just enable that knob and your bootable UEFI images can both be booted on (virtual or real) CD-ROMs and USB sticks, the exact same way. Yay!
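The post describes one image that is readable two ways: as a GPT disk with an ESP when addressed in 512-byte sectors, and as an ISO9660 volume with an El Torito boot record when addressed in 2048-byte sectors. The following checker, an added example rather than code from the original post or the tool it describes, inspects an image for both views and decodes the El Torito boot catalog so you can confirm an EFI, no-emulation entry is present. The sample image it builds is constructed here with headers only and is not bootable.

```python
"""Inspect a disk image for the two views the post describes: a GPT/ESP seen
through 512-byte sectors, and an ISO9660 El Torito boot record seen through
2048-byte sectors. Added example, not code from the original post or from the
tool it describes; the sample image below is constructed here and is not bootable."""
import struct

SECTOR_512 = 512
SECTOR_ISO = 2048
ISO_DESCRIPTORS_AT = 16 * SECTOR_ISO          # ISO9660 volume descriptors start at sector 16
EL_TORITO_ID = b"EL TORITO SPECIFICATION"     # boot system identifier of the boot record VD


def check_gpt_view(img: bytes) -> dict:
    """512-byte-sector view: protective MBR in LBA 0, GPT header in LBA 1."""
    return {
        "mbr_signature": img[510:512] == b"\x55\xaa",
        "protective_entry": img[446 + 4] == 0xEE,          # partition type 0xEE = GPT protective
        "gpt_header": img[SECTOR_512:SECTOR_512 + 8] == b"EFI PART",
    }


def iso_descriptors(img: bytes):
    """Yield (type, raw descriptor) from sector 16 up to the set terminator (type 255)."""
    off = ISO_DESCRIPTORS_AT
    while off + SECTOR_ISO <= len(img):
        d = img[off:off + SECTOR_ISO]
        if d[1:6] != b"CD001":                  # not an ISO9660 descriptor: stop
            return
        yield d[0], d
        if d[0] == 255:
            return
        off += SECTOR_ISO


def el_torito_catalog_lba(img: bytes):
    """LBA (2048-byte sectors) of the boot catalog, or None without an El Torito boot record."""
    for kind, d in iso_descriptors(img):
        if kind == 0 and d[7:7 + len(EL_TORITO_ID)] == EL_TORITO_ID:
            return struct.unpack_from("<I", d, 71)[0]
    return None


def parse_boot_catalog(img: bytes, lba: int) -> dict:
    """Validation entry (32 bytes) followed by the initial/default entry (32 bytes)."""
    cat = img[lba * SECTOR_ISO:lba * SECTOR_ISO + 64]
    val, init = cat[:32], cat[32:]
    words_sum = sum(struct.unpack("<16H", val))  # checksum makes all 16-bit words sum to 0
    return {
        "validation_ok": val[0] == 1 and val[30:32] == b"\x55\xaa" and words_sum % 0x10000 == 0,
        "efi_platform": val[1] == 0xEF,         # platform ID 0xEF = EFI
        "bootable": init[0] == 0x88,
        "no_emulation": init[1] == 0,
        "load_rba": struct.unpack_from("<I", init, 8)[0],
    }


def check_image(img: bytes) -> dict:
    kinds = [k for k, _ in iso_descriptors(img)]
    lba = el_torito_catalog_lba(img)
    gpt = check_gpt_view(img)
    return {
        "gpt": gpt,
        "iso_pvd": 1 in kinds,
        "el_torito": lba is not None,
        "boot_catalog": parse_boot_catalog(img, lba) if lba is not None else None,
        "hybrid": gpt["gpt_header"] and 1 in kinds and lba is not None,
    }


def build_sample_image() -> bytes:
    """Constructed minimal image carrying both views (headers only, no file systems)."""
    img = bytearray(24 * SECTOR_ISO)
    img[446 + 4] = 0xEE
    img[510:512] = b"\x55\xaa"
    img[SECTOR_512:SECTOR_512 + 8] = b"EFI PART"
    pvd = ISO_DESCRIPTORS_AT
    img[pvd:pvd + 7] = b"\x01CD001\x01"                          # primary volume descriptor
    struct.pack_into("<H", img, pvd + 128, SECTOR_ISO)            # logical block size, LE
    struct.pack_into(">H", img, pvd + 130, SECTOR_ISO)            # ... and BE copy
    br = pvd + SECTOR_ISO
    img[br:br + 7] = b"\x00CD001\x01"                             # boot record volume descriptor
    img[br + 7:br + 7 + len(EL_TORITO_ID)] = EL_TORITO_ID
    struct.pack_into("<I", img, br + 71, 20)                      # boot catalog at sector 20
    img[br + SECTOR_ISO:br + SECTOR_ISO + 7] = b"\xffCD001\x01"   # descriptor set terminator
    cat = 20 * SECTOR_ISO
    img[cat:cat + 2] = b"\x01\xef"                                # header ID 1, platform EFI
    img[cat + 30:cat + 32] = b"\x55\xaa"
    chk = (-sum(struct.unpack_from("<16H", img, cat))) % 0x10000
    struct.pack_into("<H", img, cat + 28, chk)
    img[cat + 32:cat + 34] = b"\x88\x00"                          # bootable, no emulation
    struct.pack_into("<H", img, cat + 38, 4)                      # sector count
    struct.pack_into("<I", img, cat + 40, 22)                     # load RBA: ESP image at sector 22
    return bytes(img)


if __name__ == "__main__":
    print(check_image(build_sample_image()))
```

Run it against a real image by replacing `build_sample_image()` with the file's bytes; `hybrid` is only true when the GPT header, the ISO9660 primary volume descriptor and the El Torito boot record are all found, which is exactly the property the new mode is meant to give you.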

Automate everything away. Build everything from source. Only depend on what you need. Distros and docker made us sloppy and lazy. Start understanding the fucking shit you're using in production and build bespoke systems.

Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: https://writings.flashbots.net/mind-the-gap-tee-poc

#ConfidentialComputing #CloudSecurity #TPM

Mind the Gap - Where TEE Attestations Fall Short and Why Do TEEs Need Proof of Cloud | Flashbots Writings

Covering Proof of Cloud and motivating why it is needed and where it falls short and requires future extensions.

Reproducible builds are a valuable property for remote attestation workflows but often hard to maintain. We faced a special challenge building reproducible artifacts that contain signatures.

Together with @Euler I wrote a blog post about how we used ECDSA public key recovery to generate signatures that match exactly one artifact, can be reproduced by a verifier, and are secure, without anyone ever knowing a private key.

https://katexochen.aro.bz/posts/reproducible-secure-signatures/

#ReproducibleBuilds #RemoteAttestation #Cryptography #ConfidentialComputing #Infosec

Secure signatures without a private key

Reproducible builds allow anyone to verify that a binary matches its source code. But what if the build artifact must contain a cryptographic signature? Reproducing the signature requires the private key, which defeats the purpose of reproducibility. In this post, we present a technique based on ECDSA public key recovery that produces signatures which are both secure and fully reproducible, without anyone ever knowing a private key.

Build artifacts with signatures - a reproducibility issue

Remote attestation is a fundamental part of Confidential Computing. It can be used to prove what software is running in a remote environment. Users of such an attested environment do not need to trust the software vendor, excluding them from the trusted computing base[1].

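The trick the post refers to can be shown end to end. ECDSA public key recovery computes, from a message hash h and a signature (r, s), the public key Q = r^-1 (s*R - h*G) under which (r, s) verifies, where R is the curve point with x-coordinate r. If h, r and s are all derived deterministically from the artifact, Q is too, and the pair (signature, key) verifies with plain ECDSA even though no private key for Q was ever computed. The code below is an added example, not the post's or the linked blog's code: the curve (secp256k1), the textbook affine arithmetic and the SHA-256 derivation of r and s from the artifact are this example's own choices, and the blog's concrete construction may differ in those details.

```python
"""Reproducible ECDSA signatures with no private key, via public-key recovery.

Added example, not the post's or the linked blog's code. It shows the general
trick behind the technique: fix the message hash h and a signature (r, s)
deterministically from the artifact, then recover the public key Q for which
(r, s) is a valid ECDSA signature over h. Q = r^-1 (s*R - h*G), with R the
curve point whose x-coordinate is r. Curve (secp256k1), textbook affine
arithmetic and the SHA-256 derivation of r and s are this example's choices."""
import hashlib

# secp256k1: y^2 = x^3 + 7 over F_P, base point G of prime order N
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(pt) -> bool:
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0


def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P    # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def mul(k: int, pt):
    """Double-and-add scalar multiplication (not constant-time; no secret is involved)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def lift_x(x: int):
    """Point with x-coordinate x and even y, or None if x^3 + 7 is not a square."""
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)                     # valid since P % 4 == 3
    if y * y % P != rhs:
        return None
    return (x, y if y % 2 == 0 else P - y)


def hash_to_scalar(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def recover_public_key(h: int, r: int, s: int):
    """ECDSA public-key recovery: the key under which (r, s) signs h (even-y variant)."""
    R = lift_x(r)
    if R is None:
        return None
    minus_hG = mul(h, G)
    if minus_hG is not None:
        minus_hG = (minus_hG[0], (-minus_hG[1]) % P)
    return mul(pow(r, -1, N), add(mul(s, R), minus_hG))


def reproducible_signature(artifact: bytes):
    """Return (h, (r, s), Q): everything is a pure function of the artifact bytes."""
    h = hash_to_scalar(artifact)
    ctr = 0
    while True:                                       # retry until r is a valid x-coordinate
        tag = ctr.to_bytes(4, "big")
        r = hash_to_scalar(b"r" + tag + artifact)
        s = hash_to_scalar(b"s" + tag + artifact)
        if r and s and lift_x(r) is not None:
            break
        ctr += 1
    return h, (r, s), recover_public_key(h, r, s)


def verify(Q, h: int, sig) -> bool:
    """Plain ECDSA verification, exactly what any verifier of the artifact would run."""
    r, s = sig
    if not (0 < r < N and 0 < s < N and on_curve(Q)):
        return False
    w = pow(s, -1, N)
    X = add(mul(h * w % N, G), mul(r * w % N, Q))
    return X is not None and X[0] % N == r


if __name__ == "__main__":
    h, sig, Q = reproducible_signature(b"constructed artifact bytes")
    print("verifies:", verify(Q, h, sig))
```

Two properties matter for the trust model. First, the signature is bound to exactly one message: changing the artifact hash or either signature component makes plain ECDSA verification fail, and forging a second valid signature under Q would require the discrete log of Q, which nobody holds. Second, anyone can run the same derivation for a different artifact and obtain a different (signature, key) pair, so a verifier must recompute Q from the artifact it rebuilt and compare it to the key embedded in the shipped artifact, rather than trusting any key that happens to verify.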
Talks from LixCon 2026 have now been released! Check them out at https://media.ccc.de/c/lixcon2026!
LixCon 2026 - media.ccc.de

Video streaming portal of the Chaos Computer Club

The Nix sandbox aims to provide a pure environment by isolating the build environment from the rest of the system. However, some impurities can still affect builds inside the sandbox and lead to reproducibility issues. One of them is the filesystem.

A common example is builds that implicitly depend on inode numbering or directory entry ordering. In some cases, you might even run into a filesystem bug: a build succeeds on one machine, but fails on another with a different filesystem.

To debug these issues, you can now use nix-buildon. It lets you swap out the filesystem underneath the Nix sandbox. By running the sandbox on disorderfs, you can get a deterministic, sorted, or reverse-sorted view of directory entries. This makes it easy to check whether a build depends on filesystem behavior that should not matter in the first place.

https://github.com/katexochen/nix-buildon

I created this at #OceanSprint. 🌊

#Nix #NixOS #ReproducibleBuilds

GitHub - katexochen/nix-buildon: Discover filesystem-based reproducibility issues by running the Nix sandbox on different filesystems

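What nix-buildon lets you observe under the real sandbox can be reproduced in miniature: hand the same input directory to a build step under a sorted, a reverse-sorted and an arbitrary directory order, and flag the build if its outputs disagree. The script below is an added example and not part of nix-buildon or the post; the toy build steps and the sample tree it writes to a temporary directory are constructed here.

```python
"""Check whether a build step depends on directory-entry order.

Added example, not part of nix-buildon or the post. It stands in for the
disorderfs views the tool puts under the Nix sandbox: the same directory is
handed to a build step under a sorted, a reverse-sorted and an arbitrary
order, and the build is flagged if the outputs disagree. The sample tree
and the two toy build steps are constructed here."""
import hashlib
import os
import tempfile


def naive_bundle(paths) -> str:
    """A build step that hashes inputs in whatever order the listing delivered them."""
    h = hashlib.sha256()
    for p in paths:
        with open(p, "rb") as f:
            h.update(os.path.basename(p).encode() + b"\0" + f.read() + b"\0")
    return h.hexdigest()


def fixed_bundle(paths) -> str:
    """Same step after the usual fix: impose an order the filesystem cannot change."""
    return naive_bundle(sorted(paths))


def arbitrary_order(names):
    """A fixed but non-alphabetical permutation, standing in for 'whatever the disk returns'."""
    return sorted(names, key=lambda n: hashlib.sha256(n.encode()).digest())


ORDERINGS = {
    "sorted": sorted,
    "reverse-sorted": lambda names: sorted(names, reverse=True),
    "arbitrary": arbitrary_order,
}


def listing_under(directory: str, ordering: str):
    names = ORDERINGS[ordering](os.listdir(directory))
    return [os.path.join(directory, n) for n in names]


def check_order_dependence(build, directory: str) -> dict:
    """Run the build once per ordering; it is reproducible only if every output agrees."""
    outputs = {o: build(listing_under(directory, o)) for o in ORDERINGS}
    return {"reproducible": len(set(outputs.values())) == 1, "outputs": outputs}


def make_sample_tree() -> str:
    """Constructed input tree in a temporary directory."""
    d = tempfile.mkdtemp(prefix="buildon-")
    for name, content in {"b.c": b"int b;", "a.c": b"int a;", "main.c": b"int main(){}"}.items():
        with open(os.path.join(d, name), "wb") as f:
            f.write(content)
    return d


if __name__ == "__main__":
    tree = make_sample_tree()
    for step in (naive_bundle, fixed_bundle):
        print(step.__name__, check_order_dependence(step, tree)["reproducible"])
```

The naive step produces a different hash under each view, which is the symptom the post describes; the fixed step sorts its inputs itself and is stable under all three, which is the property a build should have before a different filesystem can no longer break it.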

Cool, KVM-based AMD SEV-SNP support was recently added to Cloud Hypervisor! Including support for Google's oak stage0 firmware and IGVM image format.
https://github.com/cloud-hypervisor/cloud-hypervisor/pull/7942

#ConfidentialComputing #virtualization #KVM #CloudHypervisor

Fabricked, a new attack on AMD SEV-SNP, has been presented: a software-based attack that manipulates memory routing of inter-component communication within the SoC to trick the secure processor into improperly initializing the RMP table. The root cause is a missing check in the secure processor firmware to enforce that the Data Fabric is locked down.

https://fabricked-attack.github.io/

#ConfidentialComputing #CloudSecurity #AMD

Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

Confidential computing allows cloud tenants to offload sensitive computations and data to remote resources without needing to trust the cloud service provider. Hardware-based trusted execution environments, like AMD SEV-SNP, achieve this by creating Confidential Virtual Machines (CVMs). With Fabricked, we present a novel software-based attack that manipulates memory routing to compromise AMD SEV-SNP. By redirecting memory transactions, a malicious hypervisor can deceive the secure co-processor (PSP) into improperly initializing SEV-SNP. This enables the attacker to perform arbitrary read and write access within the CVM address space, thus breaking SEV-SNP core security guarantees.


RE: https://infosec.exchange/@trailofbits/116363081880526734

Trail of Bits published a really interesting audit report on Meta's confidential computing protection for WhatsApp's AI support. One of the findings is an AML injection attack, which I wrote about in a blog post a few weeks ago: https://katexochen.aro.bz/posts/badaml/

There are many other interesting findings, and a lot to learn from them. I really appreciate that they are sharing the full report.

#ConfidentialComputing #CloudSecurity

Dependabot can now update Nix flake inputs: https://github.blog/changelog/2026-04-07-dependabot-version-updates-now-support-the-nix-ecosystem/

The nix flake support in Renovate was broken for some time and only worked for nixpkgs (not sure if that's still the case), so this is an interesting development.

#Nix #NixOS

Dependabot version updates now support the Nix ecosystem - GitHub Changelog

Dependabot now supports Nix flakes. Add nix as a package ecosystem in your dependabot.yml file. Dependabot will then monitor your flake.lock inputs and open pull requests when newer commits are…
