My colleague Paul (@katexochen) has done a great write-up of how a malicious host (e.g. cloud provider) can trivially compromise confidential VMs, and how we mitigated the attack at Edgeless Systems. Read his blog post: https://lobste.rs/domains/katexochen.aro.bz
#security #confidentialcomputing #firmware