As thousands of cloud fanatics descend on Las Vegas this week for #amazon web service’s #re:invent conference, researchers in Massachusetts are raising new questions about the security of all multi-tenant cloud environments.
A group of professors at #worcester polytechnic institute demonstrated in a recently published paper named “Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud,” a proof of concept hack of secret cryptography keys used in an #aws virtual machine. The now-patched flaw – which was not specific to AWS — showed that a hacker could theoretically gain a user’s secret keys that are used to encrypt sensitive #data.
Leave a reply
