Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Anyone with access to the hypervisor at the service provider will have access to plaintext. TLS protects you from service provider network compromise within whatever scopes that covers. If you're in the cloud, you do have to have some basic trust in your service provider as compute is always in plaintext (barring homomorphic encryption).


Anyone with access to the hypervisor at the service provider will have access to plaintext.

This is mostly true with today's state of the industry, but with upcoming technologies like Intel SGX[1], the hypervisor will not be able to access the plaintext anymore.

[1] - https://software.intel.com/en-us/blogs/2013/09/26/protecting...


It's not really an issue of trust but rather defense in depth. You want to protect against rogue employees who can tap into the network, for example.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: