by noisenotsignal 2010 days ago
It's not really "run anywhere", but you can write apps for a trusted execution environment like Intel SGX enclaves; not even the OS can look at what's running. Enclave code is cryptographically signed so that you can both validate the identity of the signer as well as the code contents. In the latter, you'd have to compare the MRENCLAVE value to a published value, which you could reproduce by building from source if it's open.

Microsoft calls this "confidential computing" and has some related Azure products, including providing VMs standalone and in Kubernetes.
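
The MRENCLAVE comparison mentioned in the comment above, as an added example that is not part of the original comment and not Intel or Microsoft code. It assumes the quote's signature chain has already been verified elsewhere, reads fields at their offsets in the 384-byte SGX report body (`sgx_report_body_t`), and uses hypothetical function names and constructed sample values.

```python
import hmac
import struct

# Offsets inside the 384-byte SGX report body (sgx_report_body_t layout).
REPORT_BODY_LEN = 384
ATTR_FLAGS_OFF = 48       # 8-byte little-endian attribute flags
MRENCLAVE_OFF = 64        # 32-byte hash of the enclave's code and initial data
MRSIGNER_OFF = 128        # 32-byte hash of the signer's public key
SGX_FLAGS_DEBUG = 0x2     # debug enclaves can be inspected from outside


def check_enclave_identity(report_body, expected_mrenclave, expected_mrsigner):
    """Return (ok, reason) for a report body whose quote signature was
    already verified elsewhere (assumed; not done here)."""
    if len(report_body) != REPORT_BODY_LEN:
        return False, "bad report body length"
    if len(expected_mrenclave) != 32 or len(expected_mrsigner) != 32:
        return False, "bad reference value length"
    (flags,) = struct.unpack_from("<Q", report_body, ATTR_FLAGS_OFF)
    if flags & SGX_FLAGS_DEBUG:
        return False, "debug enclave"
    mrenclave = report_body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32]
    mrsigner = report_body[MRSIGNER_OFF:MRSIGNER_OFF + 32]
    # Code identity: must equal the published (or reproduced) build measurement.
    if not hmac.compare_digest(mrenclave, expected_mrenclave):
        return False, "MRENCLAVE mismatch"
    # Signer identity: hash of the key that signed the enclave.
    if not hmac.compare_digest(mrsigner, expected_mrsigner):
        return False, "MRSIGNER mismatch"
    return True, "ok"


def make_sample_body(mrenclave, mrsigner, flags=0x5):
    """Constructed test input: zeroed report body with only the fields above set."""
    body = bytearray(REPORT_BODY_LEN)
    struct.pack_into("<Q", body, ATTR_FLAGS_OFF, flags)
    body[MRENCLAVE_OFF:MRENCLAVE_OFF + 32] = mrenclave
    body[MRSIGNER_OFF:MRSIGNER_OFF + 32] = mrsigner
    return bytes(body)


if __name__ == "__main__":
    published = bytes(range(32))      # constructed placeholder measurement
    signer = bytes(range(32, 64))     # constructed placeholder signer hash
    print(check_enclave_identity(make_sample_body(published, signer), published, signer))
    print(check_enclave_identity(make_sample_body(b"\x00" * 32, signer), published, signer))
```

The debug-flag check is there because a matching MRENCLAVE on a debug-mode enclave gives no confidentiality guarantee.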