logoalt Hacker News

cortesofttoday at 6:01 AM3 repliesview on HN

I mean, anytime you use the cloud for anything, you are giving MITM capabilities to the hosting provider. It is their hardware, their hypervisors... they can access anything inside the VMs

Replies

rwmjtoday at 9:52 AM

Not if it's using Confidential Computing. Then you're trusting "only" the CPU vendor (plus probably the government of the country where that vendor is located), but you're trusting the CPU already.

yaurtoday at 6:34 AM

This approach doesn't give access from the hypervisor to your private keys it gives access to other tenants to your private keys.

TZubiritoday at 6:40 AM

I think the vulnerability would be that not only the host can now MITM, but other co-tenants would have the capability to bypass that MiTM protection.