Hacker News new | ask | show | jobs
by cortesoft 96 days ago
I mean, anytime you use the cloud for anything, you are giving MITM capabilities to the hosting provider. It is their hardware, their hypervisors... they can access anything inside the VMs
3 comments
rwmj 96 days ago
Not if it's using Confidential Computing. Then you're trusting "only" the CPU vendor (plus probably the government of the country where that vendor is located), but you're trusting the CPU already.
link
TZubiri 96 days ago
I think the vulnerability would be that not only the host can now MITM, but other co-tenants would have the capability to bypass that MiTM protection.
link
yaur 96 days ago
This approach doesn't give access from the hypervisor to your private keys it gives access to other tenants to your private keys.
link