Marius Schwarz wrote: > From guest to host: you need to trust the host not to spy on you, your > data, connection targets aso.
Correct. This is a fundamental principle. Users are at the mercy of the sysadmin. Programs are at the mercy of the operating system. Virtual machines are at the mercy of the host operating system. "The cloud" is just other people's computers, and those people have the power to spy on what you do on their computers. The processor vendors market so-called "secure enclaves" that are supposed to make it so that the host operating system can't see what a guest program does. Of course that means only that the vendor's firmware is the true host, so now the "host" and the guest are both at the mercy of the unfree and secretive firmware. And there have been news about firmware bugs that let attackers bypass the protection, rendering the enclaves useless. The solution is to consider security before you rent other people's computers, and keep secrets and sensitive data on your own hardware. Björn Persson
pgpojY8pw6hQR.pgp
Description: OpenPGP digital signatur
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
