Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>I would [..] host untrusted customers in [...] Xen HVM any day.

Intel doesn't recommend running untrusted code even in a separate VM, according to their official explanation of Spectre/Meltdown. At least we can do it on RPi now.



> At least we can do it on RPi now.

Couldn't we already do it on an RPi with linux/kvm+qemu?


Not to mention if you give the untrusted VM a network interface then it can be the equivalent of plugging an untrusted computer into your network


Huh? You can't make a VLAN or use a firewall?


The A72 has speculative execution so I don’t think that’s strictly speaking true




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: