Cloud computing concentrates trust: organizations run critical services on infrastructure they do not control, backed by massive software stacks they did not write. When any part of this foundation is compromised, security guarantees can collapse. In practice, compromises are frequent, whether from vulnerabilities, misconfigurations, or supply-chain failures. Recent advances in confidential computing technology (trusted hardware) have unlocked a powerful new capability: the ability to build cloud applications that remain secure even when parts of the surrounding infrastructure are compromised. However, hardware alone does not solve the problem. Realizing this capability in practice requires rebuilding key pieces of the cloud around it, developing new abstractions and security protocols that can withstand adversarial cloud infrastructure. In this talk, I use cloud storage as a concrete lens. I’ll explain why securing storage becomes challenging under this new model and present security protocols that resist adversarial storage while keeping performance overheads low enough for practical deployment in the cloud. I’ll conclude by outlining how the same principles extend beyond storage to networking and compute infrastructure.