This would be very hard to protect against; if the attacker controls Linode and Hetzner, it is likely they also have access to the disks and memory for the virtual services, and not just the network. So extracting the private key for the real certificate is probably also on the table as an option for the attacker, and would be much harder to detect.
As they say in the article, end-to-end encryption such as OTR is probably important to avoid getting caught in dragnets like this.
This would be very hard to protect against; if the attacker controls Linode and Hetzner, it is likely they also have access to the disks and memory for the virtual services, and not just the network. So extracting the private key for the real certificate is probably also on the table as an option for the attacker, and would be much harder to detect.
As they say in the article, end-to-end encryption such as OTR is probably important to avoid getting caught in dragnets like this.