[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Fine grain Cross-VM Attacks on Xen and VMware (AES)
Griffin Boyce <[email protected]> writes:
>'AES in a number popular cryptographic libraries including OpenSSL, PolarSSL
>and Libgcrypt are vulnerable to Bernsteinâ??s correlation attack when run in
>Xen and VMware virtual machines, the most popular VMs used by cloud service
>providers.'
That's just another proof of the inverse of Law #1 of the 10 Immutable Laws of
Security, "If a bad guy can persuade you to run his program on your computer,
itâ??s not your computer any more". The inverse is the Immutable Law of Cloud
Computing Security, "If a bad guy can persuade you to run your program on his
computer, itâ??s not your program any more".
Peter.