Hoff owned me. In an email he claimed he pwned me, but he totally didn’t earn that p.
Apparently I’m slightly late to the game in talking about hyperjackstacks (we’re back on virtualization, in case I lost you). That’s something I’m totally willing to concede, especially since I’m more of a data and applications guy.
Chris agrees that this is an important issue, but then asks:
Ultimately though, I think that the point of response boils down to the definition of the mechanisms used in the detection of a malicious VMM/HV. I ask you Rich, please define a “malicious” VMM/HV from one steeped in goodness.
Umm, one that does bad stuff? Like sniff data, mess with things? Dunno, I’m a little buzzed right now from some good organic wine.
Thomas explained things a little better and I think we hit a bit of agreement. Basically, the concern is that if someone compromises the hypervisor somehow, they can do all sorts of badness. Thomas, in the comments to his post, shows how one potential solution is to nudge the hypervisor aside and run checks against it (while you’re unvirtualized, I just made up a word). But I think the real solution is something Hoff mentions that I also mentioned in my post, albeit without the proper name:
Intel TXT ensures that virtual machine monitors are less vulnerable to attacks that cannot be detected by today’s conventional software-security solutions. By isolating assigned memory through this hardware-based protection, it keeps data in each virtual partition protected from unauthorized access from software in another partition.
Yep, dump the problem to hardware. I think that’s where we’re headed, so all this debate serves as a friendly reminder to our big chip manufacturing brethren who probably don’t pay attention to any of our blogs.
But then the bad guys will compromise the hardware, and we’ll defend against that, and then… you get the circle jerk of pain reference yet?
Like everything, it’s always an arms race. Good news is I think this is one of the more manageable problems we face, and the work of Thomas and Joanna will go a long way towards nudging the vendors to reduce our pain.
Can I talk about DLP again now?