New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections (thehackernews.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 02 Oct 19:16
https://sh.itjust.works/post/47188661

#cybersecurity


solrize@lemmy.ml on 02 Oct 19:27

In case it’s not obvious, this is a hardware attack that lets someone with access to the motherboard (e.g. a cloud host) see what your VM is doing even if you use the CPU’s security features that are supposed to prevent that. Intel’s version (SGX) of that feature has been considered broken in other ways for years. Not sure about AMD’s but I’d expect about the same. Better not run super high security stuff on hardware controlled by an attacker :).

9point6@lemmy.world on 02 Oct 19:42

Any machine to which an attacker has had physical access should be considered compromised.

I don’t imagine trusting any countermeasure close to enough to invalidate that rule