On Sun, Sep 27, 2015, at 09:34 PM, jungle Boogie wrote: > On 27 September 2015 at 17:34, Eric Furman <ericfur...@fastmail.net> > wrote: > > Just search for VM and security on the internets and see > > what comes up. Secure they are not. > > > Where in the blog does Matt discuss 'secure' and/or 'security' outside > of discussing freebsd binary updates system? It seems he's aware of > how insecure the setup is and its more of a convenience. > > I think it's quite clear what Matt wants: ipsec without the need to > compile in the special bits needed for it in freebsd.
Reread the whole thread. He doesn't mention it in his blog. He asks about it in this thread. Stuart comments on his setup by saying; "This has an impact on security, of course.' He came back and asked how. And making a statement that clearly demonstrates that he does not understand the risks of VMs. Then Theo says we don't need to explain it to him. If you understand security the problems are self evident. Then he came back and implied that the running of a text editor was comparable in security risk as running a VM. And then he states; "For me, this is a very nice blend of security, manageability and convenience for my use-case." This statement clearly demonstrates that he believes his setup is secure. When, in fact, it is not. That's why the security implications were brought up. Hope this helps.
