> What effect would this same hack have on the intended target if the x86
> system being targeted was running as a guest under z/VM?  Wouldn't the
> ill effects be reduced by the wall between virtual guests inherent with
> z/VM?

The x86 hypervisors have a "wall" between guests too.  The first
published exploits of which I'm aware are over a year old now.

The attack described above would have to be tailored to the x86-on-zVM
environment, but the point is that a hypervisor is a software system and
just as prone to implementation errors and design flaws as any other
software system.

VM's advantages would appear to be:

1. Many years of refinement.
2. Less knowledge of its internals in the broad public.
3. Typically more formally engineered security and operating environments.

The first is weakened by the fact that the product undergoes development
which can introduce new bugs.  The second is prone to an attack by a
moderately well-funded opponent who decides that something worth
stealing is held inside such a system.  Organized crime, e.g. in Russia,
has already demonstrated a willingness and capability to organize fairly
sophisticated technical attacks where there's enough incentive.  The
third may be the best hope, but it is prone to the principle that the
white hats have to get it right every time, whereas an opponent only has
to get lucky once.

De
