| ▲ | cortesoft 7 hours ago | |
I mean, anytime you use the cloud for anything, you are giving MITM capabilities to the hosting provider. It is their hardware, their hypervisors... they can access anything inside the VMs | ||
| ▲ | rwmj 4 hours ago | parent | next [-] | |
Not if it's using Confidential Computing. Then you're trusting "only" the CPU vendor (plus probably the government of the country where that vendor is located), but you're trusting the CPU already. | ||
| ▲ | yaur 7 hours ago | parent | prev | next [-] | |
This approach doesn't give access from the hypervisor to your private keys it gives access to other tenants to your private keys. | ||
| ▲ | TZubiri 7 hours ago | parent | prev [-] | |
I think the vulnerability would be that not only the host can now MITM, but other co-tenants would have the capability to bypass that MiTM protection. | ||