fulafel parent
This sounds much more secure than AWS and their use of Xen.
How so? What leads you to believe that Amazon hasn't taken similar measures?
https://aws.amazon.com/security/security-bulletins/
search "Xen Security" and "XSA Security"
Many do say AWS is not affected; it is a bit of effort to review them all. The newest I found is: https://aws.amazon.com/security/security-bulletins/XSAsecuri... (Dec. 2015)
Interestingly, AWS was not affected by the August 2016 XSA Security Advisory (XSA-182) that impacted Qubes OS: http://blog.quarkslab.com/xen-exploitation-part-3-xsa-182-qu...
https://aws.amazon.com/blogs/aws/ec2-maintenance-update/ (Sep. 2014)
Amazon isn't confident enough in their solution such that they will only support customers with high levels of regulatory and compliance requirements (e.g. HIPAA) if they are using dedicated physical hosts.
https://aws.amazon.com/ec2/dedicated-hosts/
https://aws.amazon.com/blogs/security/frequently-asked-quest...
Does Google Cloud support HIPAA workloads on regular shared instances?
I thought HIPAA itself mandates physical dedicated host separation.