Dave F's Blog

Virtualization’s Dark Side - or stating the obvious for beginners

By Dave F in Reader

Posted in the web, thin clients, Coding, Blogs, Security, Microsoft on April 10, 2008 at 9:35 am


You sometimes wonder if, in a world of management speak, stating the obvious is genuinely seen as a clever thing. Over at

http://www.forbes.com/technology/2008/04/09/virtualization-rsa-malware-tech-virtualization08-cx_ag_0409virtual.html

someone is (being paid for!) saying that if malware controls the virtualization host, it will have access to all the virtual machines and their data without the virtual machines knowing!!! Well I never. That’s like saying that if someone bugs the telephone exchange, you won’t find the bug on your handset, and they’ll hear all the calls, not just the ones on your phone.

Who’d have thought it? Well who’d have thought you could get paid for telling people something quite that obvious.

Then again someone is probably being paid for the comment “Rather than the usual pattern, where we deploy a technology and wait for it to get hacked, wouldn’t it be cool to try and secure it first?”

Wow, someone should suggest to the O/S people to try adding some security when they design things. OK, you may think Microsoft didn’t but I think you’ll find they just didn’t do it very well. They didn’t design it to be full of holes (except maybe any employees who moonlight for anti-virus companies).

And “wouldn’t it be cool”??? Surely doing the obvious is the opposite of cool, what we used to call “sensible”.

I am assuming the people designing virtualization software are putting some security in there and that it will be considerably more secure than end user systems just because it is not designed for end users. It can’t be tweaked with downloaded screen savers and won’t have clots (oops, busy, non-technical people) opening dodgy emails.

Going back to the phone exchange analogy, I hope it might be a bit harder to get in there and plant a bug - or am I being optimistic and expecting people to do the obvious (cool?) thing?

Comments

Comment by John Troyer - April 10, 2008 on 11:53 pm

Well, it might be obvious, but everybody loves a good story with a good set of code names: “blue pill”, “hyperjacking”. It sounds like an episode of 24. However, I wouldn’t be losing much sleep at this point.

Some good background on blue pill:
http://x86vmm.blogspot.com/2007/07/bluepill-detection-in-two-easy-steps.html
http://www.virtualization.info/2006/08/debunking-blue-pill-myth.html

You might also be interested in our VMsafe technology: http://www.vmware.com/overview/security/vmsafe.html

Disclaimer: I work for VMware.

Comment by Dave F - April 16, 2008 on 10:35 am

Hi John - sorry your comment was waiting for me to approve it, not overly surprising given some of the terms in there. Most comments / mails including mention of pills of that colour do tend to be spam! Interestingly I didn’t receive notification that I had a comment to moderate - I guess that went in the spam bin too :(
Don’t get me wrong, I think virtualization is no worse and probably safer than “real” (what is the correct term for non-virtual in this context?). But someone telling me a hacked hosting system opens all the guests up seems unnecessary scare mongering.
