←back to thread

Mitigating the Hetzner/Linode XMPP.ru MitM interception incident

(www.devever.net)
341 points hlandau | 2 comments | 20 Oct 23 20:31 UTC | HN request time: 0.426s | source
Show context
liquidk ◴[20 Oct 23 23:06 UTC] No.37962482[source]
The provider has access to the host, they can just inspect the job from the outside and you won’t be able to tell
replies(3): >>37962632 #>>37962862 #>>37963439 #
the8472 ◴[20 Oct 23 23:27 UTC] No.37962632[source]
secure boot + virtualized memory encryption is supposed to prevent that, you'll have to trust intel/amd though.
replies(4): >>37962858 #>>37963072 #>>37963119 #>>37963152 #
jeroenhd ◴[21 Oct 23 00:50 UTC] No.37963119[source]
Secure boot on a cloud machine is pretty useless, there's nothing stopping the hypervisor from injecting code into the running machine. Theoretically virtual machine memory is encrypted, but you'll just have to trust the hypervisor's word for it. You can try to verify the boot chain all the way to the hardware keys, but if the hypervisor just replaces your `JNE` with a `NOP` you'll have a hard time automating your protections.

I suppose you can transfer the keys out of the machine over the network (and hope the hypervisor doesn't replace the socket buffers just before transmission) and verify them off site, but guest machines will always be just that: guests on a host that has all the power.

replies(2): >>37963224 #>>37964890 #
1. comex ◴[21 Oct 23 01:11 UTC] No.37963224[source]
That is not the case for the latest CPU extensions for encrypted VMs, AMD SEV-SNP and Intel TDX, which are designed to allow remote attestation based on a key hidden in the CPU that the hypervisor does not get access to.

The hypervisor only ever sees the VM’s memory in encrypted form, and it’s integrity-checked by the CPU to prevent replay attacks.

replies(1): >>37974387 #
2. immibis ◴[22 Oct 23 11:09 UTC] No.37974387[source]
SGX has been bypassed with hypervisor access. I'm sure the new extensions are different, but have similar fundamental flaws.

Besides, a nation-state actor can compel Intel to disclose your CPU's key.