Virtualization in the cloud

55 views
Skip to first unread message

iamroo...@gmail.com

unread,
Jun 17, 2017, 10:04:49 AM6/17/17
to qubes-users
I was just wondering.

Is it possible to get a VM on Google Cloud Compute (for e.g.) and be able to mitigate the security issues caused by not being the owner of the metal/hypervisor. If, say, you run an https enabled apache instance, the ease of creation/setup, ability to later scale and redundancy are all nice. But Google have access to your ssl key contained within the virtual drive. You could use LUKS with full system encryption but I'm not sure this helps. They could snapshot a running instance (post LUKS pw challenge) and respin the VM in that state. They could also modify the hypervisor to add a keylogger to the virtualised keyboard input interface to capture the LUKS password. They could also simply lift the key from the VM's RAM (Evil Maid in the cloud?).

So the real question is .. could Qubes run in an AWS/Azure/Google instance and it's assumptions of everything being permanently comprimised withstand even the hypervisor being untrustworthy? Or do you have to ultimately not only trust the hypervisor but also be the owner of it and the hardware?

Is there ANY way to maintain security in the cloud or if you care about security should you simply avoid cloud-hosting altogether and do it in-house?

Lots of people seem to do it, maybe they've just accepted the risk.

Tomei Ningen

unread,
Jun 17, 2017, 3:40:22 PM6/17/17
to iamroo...@gmail.com, qubes-users
I'm of the opinion that if "everybody's doing it" then it's probably best to take a different approach;. I don't trust or play around with the cloud, especially with a behemoth like Google. Color me paranoid.


Sent with ProtonMail Secure Email.

--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Chris Laprise

unread,
Jun 17, 2017, 4:14:29 PM6/17/17
to iamroo...@gmail.com, qubes-users
Normally, ownership = control over whichever keys are used by the CPU.

Something called Intel SGX could change that:

http://theinvisiblethings.blogspot.com/2013/08/thoughts-on-intels-upcoming-software.html

Note, this is a desktop PC-focused list so is not the best place to ask
about the dynamics of server/cloud security.

--

Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Tai...@gmx.com

unread,
Jun 19, 2017, 3:01:56 AM6/19/17
to Chris Laprise, qubes-users
On 06/17/2017 04:14 PM, Chris Laprise wrote:

> Normally, ownership = control over whichever keys are used by the CPU.
>
> Something called Intel SGX could change that:
>
> http://theinvisiblethings.blogspot.com/2013/08/thoughts-on-intels-upcoming-software.html
>
>
> Note, this is a desktop PC-focused list so is not the best place to
> ask about the dynamics of server/cloud security.
FYI:
SGX is simply another ME technology that removes user control, it was
created for hollywoods latest BluRay 4K DRM scheme.

http://www.businesswire.com/news/home/20170425005930/en/CyberLink-Enable-World%E2%80%99s-Ultra-HD-Blu-Ray-Software
Reply all
Reply to author
Forward
0 new messages