[RndTbl] Virtual machine used to steal crypto keys from other VM on same server | Ars Technica
Adam Thompson
athompso at athompso.net
Tue Nov 6 20:07:09 CST 2012
http://arstechnica.com/security/2012/11/crypto-keys-stolen-from-virtual-machine/
Some of our members have been convinced this was imminent for, oh, about a decade now. It's finally happened, but as is pointed out, relies on side-chanel attacks on shared hardware.
This STILL doesn't mean virtualization itself is inherently insecure... but it does mean public clouds just got a little harder to trust for high-security operations.
-Adam
More information about the Roundtable
mailing list