Michael Wolf writes:

It still runs in a VM on stock x86 hardware... what stops the NSA/provider from viewing the virtual CPU's state, retrieving the encryption keys, and decrypting the memory? "PRISM-Proof" my tail.

Preventing the provider from viewing the virtual CPU's state is the main goal of their PrivateCore software. They encrypt the RAM that contains the VM and they try to ensure that the key used to encrypt it never leaves the CPU and that the providers don't get to see that key. Evidently right now they use a TPM for bootstrapping, so the weak link is probably the TPM: the provider could try to reboot the host while attacking the TPM in some way. If they had a completely fake or cracked TPM that other people accepted as genuine, they could try to make it boot the PrivateCore instance itself in a (provider-controlled) VM pretending to be native hardware. (The other potential weak link is exploiting the OS running inside the VM. Then even if you don't know the crypto keys that encrypt the memory, you can tell the OS to let you monitor its processes or disk.) There should be at least a brief discussion of this in the liberationtech archives. -- Seth Schoen Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk