Quicksearch
Disclaimer
The individual owning this blog works for Oracle in Germany. The opinions expressed here are his own, are not necessarily reviewed in advance by anyone but the individual author, and neither Oracle nor any other party necessarily agrees with them.
Breachable virtual machines?
Monday, April 23. 2007
The regular reader of my blog may have detected that iīm not really a fan of virtualisation in the Unix sphere. Server virtualisation is selled by itīs proponents as the cure-for-all-datacenter problems, but with a competent administration it solves a problem that doesnīt exist. You were able to split a machine for several tasks since the invention of Unix.
But there is another problem: Many user believe, that the seperation of a VM is comparable to real metal from a security standpoint. But: All virtualisation technologies are just large heaps of code, and it would be foolish to assume, that the hypervisor is more secure or less buggy than any other software of comparable size. But exactly this belief seems to exists, at least when you talk with many users of virtualisation, as most of them donīt take the hypervisor really into consideration from a security standpoint.
For a long time i had this suspicion, that there is no exploit to evade virtual machines only for the reason, that nobody searched for it and not out of a theoretical impracticality, because as i said it before: Itīs just software. Well, this dim feeling was confirmed by a paper of Tavis Ormandy of Google with the title "An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments". He found strong indices for the possibility to break out of virtual machines. The linked paper is a really interesting read.
To make it clear: I think, that virtualisation has some use cases, but they are not nescessarily those the media, analysts and other experts want tell you. At the end, i would like to put a question. You canīt think of them as really separated systems and virtual machines donīt really solve the problems of managing hundreds of operating system instances. But: Whatīs the remaining value proposition of virtual machine based virtualisation, when you take all this into consideration? Besides of herding Windows systems, you werenīt able to consolidate on a single operating environment ?
But there is another problem: Many user believe, that the seperation of a VM is comparable to real metal from a security standpoint. But: All virtualisation technologies are just large heaps of code, and it would be foolish to assume, that the hypervisor is more secure or less buggy than any other software of comparable size. But exactly this belief seems to exists, at least when you talk with many users of virtualisation, as most of them donīt take the hypervisor really into consideration from a security standpoint.
For a long time i had this suspicion, that there is no exploit to evade virtual machines only for the reason, that nobody searched for it and not out of a theoretical impracticality, because as i said it before: Itīs just software. Well, this dim feeling was confirmed by a paper of Tavis Ormandy of Google with the title "An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments". He found strong indices for the possibility to break out of virtual machines. The linked paper is a really interesting read.
To make it clear: I think, that virtualisation has some use cases, but they are not nescessarily those the media, analysts and other experts want tell you. At the end, i would like to put a question. You canīt think of them as really separated systems and virtual machines donīt really solve the problems of managing hundreds of operating system instances. But: Whatīs the remaining value proposition of virtual machine based virtualisation, when you take all this into consideration? Besides of herding Windows systems, you werenīt able to consolidate on a single operating environment ?
Posted by Joerg Moellenkamp
in English, The IT Business
at
19:47
| Comments (0)
| Trackbacks (3)
View as PDF: This entry | This month | Full blog
View as PDF: This entry | This month | Full blog
+1
The LKSF book
The book with the consolidated Less known Solaris Tutorials is available for download here
Web 2.0
Contact
Networking
xing.com
LinkedIn
Facebook
My photos
- mail: joerg@c0t0d0s0.org
- icq: 144000169
- Me, myself and I
- openBC
- My del.icio.us
- c0t0d0s0@twitter
- c0t0d0s0@last.fm
- wiki@c0t0d0s0
- Amazon Wishlist
Networking
xing.com
My photos
Buttons
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Germany License
Blog Administration
Donate
Okay, okay ... as several people have asked for it ... but you know my opinion.
One additional thought: Whenever an exploit against an hypervisor technology gets available, the least secured system compromises the security of all systems on the respective hardware. And as all virtual machines are independent kernel and operating syst
Tracked: Apr 26, 16:30
I wrote some month ago, that the increase in security in virtualized environments is more a feeled increased than a real one, as it would be foolish to assume that the hypervisor is a more stable, more secure oder less bug-infested piece of software than
Tracked: Oct 26, 07:54
My considerations about the security of virtual machines seem to be correct. The Register writes in VMware vuln exposes the perils of virtualization: The exploit uses a specially crafted path name to access folders that are being shared between the host a
Tracked: Feb 27, 10:23