oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix link

Browse source
This commit is contained in:
nihilist 2025-02-06 18:52:15 +01:00
parent 578e9aebe7
commit 6c985654af
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
opsec/cloud_provider_adversary/index.html
View file

@ -195,7 +195,7 @@ in this post we are going to do a threat modelling exercise:<br><br>
Bob makes a RAM snapshot of the virtual machine. on a VPS it is very easy and can be done without notice. Bob makes a RAM snapshot of the virtual machine. on a VPS it is very easy and can be done without notice.
<h3>Countermeasures</h3> <h3>Countermeasures</h3>
<b>Can't be addressed without renting a bare-metal server instead.</b> Alice would need the baremetal server's hardware to support RAM encryption (such as <a href="developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf">AMD SEV</a> and <a href="https://www.intel.com/content/www/us/en/products/docs/accelerator-engines/software-guard-extensions.html">Intel SGX</a>, where the idea is to store the encryption keys in the CPU directly instead of storing it in the RAM). <b>Can't be addressed without renting a bare-metal server instead.</b> Alice would need the baremetal server's hardware to support RAM encryption (such as <a href="https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf">AMD SEV</a> and <a href="https://www.intel.com/content/www/us/en/products/docs/accelerator-engines/software-guard-extensions.html">Intel SGX</a>, where the idea is to store the encryption keys in the CPU directly instead of storing it in the RAM).
<h2><b>Malicious Libvirt or Xen Interception</b></h2> <h2><b>Malicious Libvirt or Xen Interception</b></h2>