What effect would this same hack have on the intended target if the x86 system being targeted was running as a guest under z/VM? Wouldn't the ill effects be reduced by the wall between virtual guests inherent with z/VM?
On 11/4/08 11:42 AM, "David Boyes" <[EMAIL PROTECTED]> wrote: > >> It seems our colleagues doing virtualization on Intel have another >> possible security >> concern to worry about now..... >>> By far the biggest concern related to virtual machine security is > the >> threat of >>> a virtual machine escape. A virtual machine escape is a theoretical > type >> of >>> attack in which an attacker uses a vulnerability within a virtual >> machine to >>> take control of either the underlying host operating system, or the >> hypervisor >>> itself. Upon doing so, the attacker could potentially gain control > of >> the other >>> virtual machines hosted on the server. >>> >>> Why is it such a threat? It's the fear of the unknown, that > eventually >> someone >>> will be able to do it. > > Not just possible; proven. It's been done on an Intel Pacifica chipset, > and there was an excellent paper in IEEE Transactions on Computer > Systems on how it was done. > --. .- .-. -.-- Gary Dennis Mantissa Corporation 1121 Edenton Street Birmingham, Alabama 35242-9257 p: 205.968-3942 m: 205.218-3937 f: 205.968.3932 [EMAIL PROTECTED] http://www.mantissa.com http://www.idovos.com
