Will JavaScript type annotations kill TypeScript?
The creators of Svelte and Turbo 8 both dropped TS recently saying that "it's not worth it".
Yes: If JavaScript gets type annotations then there's no reason for TypeScript to exist.
No: TypeScript remains the best language for structuring large enterprise applications.
TBD: The existing user base and its corpensource owner means that TypeScript isn’t likely to reach EOL without a putting up a fight.
I hope they both die. I mean, if you really need strong types in the browser then you could leverage WASM and use a real programming language.
I don’t know and I don’t care.
Hardware / Security

Caliptra: Building Cloud Security from the Chip up

The Open Compute Project (OCP), which brings open source methods and collaboration to the data center, has introduced Caliptra, an open specification for a silicon Root-of-Trust (ROT).
Oct 21st, 2022 8:15am by
Featued image for: Caliptra: Building Cloud Security from the Chip up

When you think about cloud security — and who doesn’t these days? — chip-level security is probably not even on your radar. But, perhaps, it should be. The Open Compute Project (OCP), which brings open source methods and collaboration to the data center, thinks so. In its latest program, Caliptra, the OCP is introducing an open specification for a silicon Root-of-Trust (RoT).

Caliptra, which is Spanish for “root cap,” the deepest part of the root, is an open specification for a reusable, silicon-level intellectual property (IP) block. This is meant to be integrated into system-on-a-chip (SOC)s and application-specific integrated circuits (ASICs). Caliptra is fully open source all the way down to the register-transfer level (RTL).

Verifiable Cryptographic Assurances

What that means for those of us who aren’t chip fabricators is that it provides verifiable cryptographic assurances of the SOC’s security configuration and workload protection mechanisms. This, in turn, ensures that only trusted firmware can execute on the SOC. Thus, Caliptra’s main job is to provide verifiable cryptographic assurances of an ASIC or SoC’s security configuration, with an in-chip mechanism to ensure the boot code is trustworthy. After all, no one wants to see a hypercloud rootkit attack.

Microsoft Azure, a major Caliptra supporter, states it will provide “foundational security properties that underpin the integrity of higher-level security protection for confidential workloads.” It will provide such essential security properties as Identity; hardware security compartmentalization; and verification of all mutable firmware ownership

Historically, this has been done on the motherboard with ROT chips. On these, developers could build a “Tower of Trust” to ensure that only the correct firmware could run on their devices. This then ensures that a server or a device can only boot with the correct firmware. It also provides the foundation for a cryptographically unique machine identity; protects secrets like encryption keys, and delivers authoritative, tamper-evident audit records and other runtime security services.

For the most part, this has been done with proprietary silicon, such as the Rambus RT-600 series and the Intel FPGA PAC D5005 BMC. Needless to say, there have been other open source efforts to address RoT.  The most well-known of these is Google’s OpenTitan.

Universal Design

But the OCP decided it wanted a ROT just for hyperscale cloud data centers. They also wanted a universal design that would “not be a landing pad for vendor ‘value adds.'” This way, all major cloud vendors could rely on Caliptra without worrying about being painted into a corner. Another reason for this was that edge computing business models, and cloud confidentiality demanded higher levels of security, interoperability, and transparency.

Or, as Partha Ranganathan, Google Cloud’s VP, Engineering Fellow, and OCP Board Member, said, “With Caliptra, we are bringing the velocity of open source development to infrastructure security, enabling the Community to collectively harden a robust IP block that all of us can trust across a diverse set of silicon offerings.”

The Caliptra 0.5 specifications are already available. The firmware collaboration will be done with the open source hardware CHIPS Alliance. Caliptra is being backed by OCP members, AMD, Google, Nvidia, and Microsoft. It’s worth noting, however, that OCP Platinum member Intel has not thrown its support behind this project.

Be that as it may, it seems clear already that with both Google and Microsoft behind it, Caliptra will be an important substratum to foundational cloud security.

Group Created with Sketch.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.