【Hacker News搬运】私有云计算安全指南

hackernews

Title: Private Cloud Compute Security Guide

私有云计算安全指南

Text:

hn link

Url: https://security.apple.com/documentation/private-cloud-compute/

很抱歉，由于我是一个人工智能模型，我无法直接访问外部网站或其内容。不过，我可以根据您提供的链接描述给出一些一般性的信息。

链接指向的是苹果公司（Apple Inc.）的官方网站，具体是关于“Private Cloud Compute”的文档。以下是关于“Private Cloud Compute”的一些可能的信息：

**Private Cloud Compute** 可能是指苹果公司提供的一项服务，允许用户在苹果的私有云环境中部署和管理计算资源。以下是一些可能包含在文档中的内容：

1. **服务概述**：介绍Private Cloud Compute的基本概念、用途和优势。
2. **部署指南**：指导用户如何在私有云中设置和部署计算资源。
3. **管理工具**：介绍用于管理私有云环境的工具和接口。
4. **安全性和合规性**：强调苹果公司如何确保私有云计算服务的安全性，并可能涉及相关的合规性和隐私政策。
5. **性能和可扩展性**：讨论私有云计算服务的性能特点以及如何扩展资源以满足不同需求。

如果您需要将该内容翻译成中文，以下是一个可能的翻译：

“私有云计算是苹果公司提供的一项服务，允许用户在其私有云环境中部署和管理计算资源。该文档概述了私有云计算的基本概念、部署指南、管理工具，以及苹果公司如何确保服务的安全性、合规性和性能。用户可以了解如何设置和部署计算资源，以及如何使用管理工具来有效管理私有云环境。”

请注意，这只是一个基于假设的翻译，实际文档的具体内容可能会有所不同。如果您需要准确的中文翻译，建议您使用在线翻译工具或寻求专业的翻译服务。

Post by: djoldman

Comments:

lukev: There's something missing from this discussion.<p>What really matters isn't how secure this is on an absolute scale, or how much one can trust Apple.<p>Rather, we should weigh this against what <i>other cloud providers</i> offer.<p>The status quo for every other provider is: "this data is just lying around on our servers. The only thing preventing a employee from accessing it is that it would be a violation of policy (and <i>might</i> be caught in an internal audit.)" Most providers also carve out several cases where they <i>can</i> look at your data, for support, debugging, or analytics purposes.<p>So even though the punchline of "you still need to trust Apple" is technically true, this is qualitatively different because <i>what would need to occur</i> for Apple to break their promises here is so much more drastic. For other services to leak their data, all it takes is for one employee to do something they shouldn't. For Apple, it would require a <i>deliberate compromise of the entire stack at the hardware level.</i><p>This is very much harder to pull off, and more difficult to hide, and therefore Apple's security posture is qualitatively better than Google, Meta or Microsoft.<p>If you want to keep your data local and trust no-one, sure, fine, then you don't need to trust anyone else at all. But presuming you (a) are going to use cloud services and (b) you care about privacy, Apple has a compelling value proposition.

lukev: 那里；这场讨论缺少了什么<p> 真正重要的不是；这在绝对规模上有多安全，或者人们可以信任苹果多少<p> 相反，我们应该将其与其他云提供商提供的服务进行权衡<p> 其他所有提供者的现状是：&quot；这些数据只是躺在我们的服务器上。唯一阻止员工访问它的是，这将违反政策（内部审计可能会发现<i>）。&quot；大多数提供商还列出了几种情况，在这些情况下，他们<i>可以</i>查看您的数据，以获得支持、调试或分析<p> 因此，尽管“；你仍然需要信任苹果”；从技术上讲，这是正确的，但在性质上是不同的，因为苹果要想在这里违背承诺，需要发生的事情要激烈得多。对于其他服务泄露数据，只需一名员工做他们应该做的事情即可；t.对于苹果来说，这将需要在硬件层面对整个堆栈进行深思熟虑的妥协</i> <p>这很难实现，也更难隐藏，因此苹果；其安全态势在质量上优于谷歌、Meta或微软<p> 如果您想将数据保存在本地，不信任任何人，当然可以，那么您不需要；根本不需要相信别人。但是，假设你（a）将使用云服务，（b）关心隐私，苹果有一个令人信服的价值主张。

solarkraft: Sibling comments point out (and I believe, corrections are welcome) that all that theater is still no protection against Apple themselves, should they want to subvert the system in an organized way. They’re still fully in control. There is, for example, as far as I understand it, still plenty of attack surface for them to run different software than they say they do.<p>What they are doing by this is of course to make any kind of subversion a hell of a lot harder and I welcome that. It serves as a strong signal that they <i>want</i> to protect my data and I welcome that. To me this definitely makes them the most trusted AI vendor at the moment by far.

solarkraft: Sibling的评论指出（我相信，更正是受欢迎的），如果他们想有组织地颠覆这个系统，那么所有这些剧院仍然无法保护苹果自己。他们仍然完全控制着局面。例如，据我所知，他们仍然有很多攻击面来运行与他们所说的不同的软件。<p>他们这样做当然是为了让任何形式的颠覆变得更加困难，我对此表示欢迎。这是一个强烈的信号，表明他们希望保护我的数据，我对此表示欢迎。在我看来，这无疑使他们成为目前最值得信赖的人工智能供应商。

lxgr: This is probably the best way to do cloud computation offoading, <i>if one chooses to do it at all</i>.<p>What's desperately missing on the client side is a switch to <i>turn this off</i>. It's really intransparent which Apple Intelligence requests are locally processed and which are sent to the cloud, at the moment.<p>The only sure way to know/prevent it a priori is to... enter flight mode, as far as I can tell?<p>Retroactively, there's a request log in the privacy section of System Preferences, but that's really convoluted to read (due to all of the cryptographic proofs that I have absolutely no tools to verify at the moment, and honestly have no interest in).

lxgr: 这可能是卸载云计算的最佳方式，<i>如果有人选择这样做</i><p> 什么；客户端严重缺失的是<i>关闭</i>的开关。它；目前，苹果智能的哪些请求是在本地处理的，哪些请求是发送到云端的，这真的很不清楚<p> 了解情况的唯一可靠方法；据我所知，事先防止它是…进入飞行模式吗<p> 回想起来，有；这是“系统首选项”的隐私部分中的请求日志，但；读起来真的很复杂（因为我目前绝对没有工具可以验证所有的加密证明，老实说我也没有兴趣）。

jagrsw: If Apple controls the root of trust, like the private keys in the CPU or security processor used to check the enclave (similar to how Intel and AMD do it with SEV-SNP and TDX), then technically, it's a "trust us" situation, since they likely use their own ARM silicon for that?<p>Harder to attack, sure, but no outside validation. Apple's not saying "we can't access your data," just "we're making it way harder for bad guys (and rogue employees) to get at it."

jagrsw: 如果苹果控制了信任的根源，比如CPU或安全处理器中用于检查飞地的私钥（类似于英特尔和AMD使用SEV-SNP和TDX的方式），那么从技术上讲，它；a&quot；相信我们&quot；既然他们可能会使用自己的ARM芯片，那么情况会如何<p> 当然，更难攻击，但没有外部验证。苹果；不是说&quot；我们可以；无法访问您的数据，&quot；只是&quot；我们；让坏人（和流氓员工）更难做到这一点。&quot；

h1fra: Love this, but as an engineer, I would hate to get a bug report in that prod environment, 100% don't work on my machine and 0% reproducibility

h1fra: 我很喜欢这个，但作为一名工程师，我不想在那种prod环境中收到错误报告，100%不要；我的机器无法运行，再现性为0%