I was just wondering.

Is it possible to get a VM on Google Cloud Compute (for e.g.) and be able to 
mitigate the security issues caused by not being the owner of the 
metal/hypervisor. If, say, you run an https enabled apache instance, the ease 
of creation/setup, ability to later scale and redundancy are all nice. But 
Google have access to your ssl key contained within the virtual drive. You 
could use LUKS with full system encryption but I'm not sure this helps. They 
could snapshot a running instance (post LUKS pw challenge) and respin the VM in 
that state. They could also modify the hypervisor to add a keylogger to the 
virtualised keyboard input interface to capture the LUKS password. They could 
also simply lift the key from the VM's RAM (Evil Maid in the cloud?).

So the real question is .. could Qubes run in an AWS/Azure/Google instance and 
it's assumptions of everything being permanently comprimised withstand even the 
hypervisor being untrustworthy? Or do you have to ultimately not only trust the 
hypervisor but also be the owner of it and the hardware?

Is there ANY way to maintain security in the cloud or if you care about 
security should you simply avoid cloud-hosting altogether and do it in-house?

Lots of people seem to do it, maybe they've just accepted the risk.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8f94ba97-cc72-44d6-a065-7171b707e00a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to