May 17, 2026
Infinity Flub, Trust Wreck
Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP
Researchers say AMD’s cloud privacy shield can be fooled, and commenters are not shocked
TLDR: Researchers say AMD’s cloud privacy system can be undermined by a malicious server operator during startup, letting them read protected data. Commenters split between “this proves confidential computing is a fantasy” and “there’s already a fix, and the attack needs a very bad host anyway.”
A fresh security paper dropped a very uncomfortable claim: AMD’s much-hyped privacy feature for cloud servers can be broken if a malicious host sets the machine up wrong from the start. In plain English, the protection is supposed to keep your rented cloud computer private even from the company running it. But the researchers say a bad actor controlling the server’s startup software can quietly reroute memory traffic, trick the system during setup, and then peek into supposedly protected virtual machines anyway. That’s the scary part. The even spicier part? The comments were basically a brawl between “this is devastating” and “this is old news, calm down.”
One camp went full doompost. A top reaction sneered that “confidential computing” is just a sales pitch to get people comfortable using someone else’s machine, while another commenter all but rolled their eyes at the idea there was ever a truly working concept here in the first place. The vibe was less “surprised” and more “I knew this magic trick was fake.” Another person raised the painfully practical question: if privacy is this shaky, maybe paying for an entire physical server is cheaper than dealing with a breach later.
But not everyone joined the panic parade. One reply pointed out that AMD already has microcode updates for this, while a skeptic hit the thread with the classic security-forum shrug: “Requires an already compromised hypervisor / UEFI. Yawn.” Translation: yes, it’s bad, but only if the landlord is already evil. Which, to be fair, is exactly the nightmare this tech claims to handle.
Key Points
- Fabricked is a software-based attack that manipulates AMD Infinity Fabric memory routing to break AMD SEV-SNP protections.
- The article says untrusted UEFI firmware is responsible for locking down parts of Infinity Fabric configuration during boot.
- By skipping those lock-down calls, an attacker can keep Infinity Fabric configurable even after SEV-SNP is activated.
- A malicious hypervisor can then interfere with PSP memory writes during SNP initialization and prevent proper RMP setup.
- With the RMP left in insecure default states, SEV-SNP initialization appears successful but CVM memory protections are effectively bypassed.