Well, this post seems to get a lot of attention throughout the Internet. I
normally do not participate on argumentations about opinions. However, I
feel like I should get involved, as this is the field I am currently
commencing my PhD research in.
First, I think Theo is right when he states, that adding another layer of
software doesn9t increase security. That9s what we all learned painfully in
the past
Chroot and jails come to mind
(One has to dig deeper to find the
problem) It is also true that the x86 was never designed to provide
virtualization, besides, it also lacks proper separation. It wasn9t designed
to be a success
it just happened and we have to live with it. (This reminds
me of Microsoft introducing their extension to DOS, called Windows)
There are A LOT of caveats when it comes to virtualize the x86 architecture.
That9s the reason why Intels VT and AMDs SVM are necessary at all. (SVM
which, btw, stands for secure virtual machine - marketing is also something
we have to live with, whether you believe in it or not.)
It would be desirable to start over, design a new, none backwards
compatible, virtualizable hardware. Best, put an extra abstraction layer on
top of the hardware (put it in the BIOS or Firmware) and only deal with
those interfaces. Add some crypto features
et. voila. **sigh**
Unfortunately, we are not living in a perfect world. So what can
virtualization do for us? Speaking of paravirtualization as in the previous
posts, it may add a little security in comparison to jails, but it adds a
lot of convenience as handling of VMs gets easier.
Which is the main selling point, so the major interest in the near future
will be the handling of those virtual machines, and unfortunately not
security. Security, or the way we (I/some) see it, does not sell as good as
features. I have no doubt that exploiting a VM will become reality sooner or
later.
However, I would like to keep the discussion going, maybe in a less
offensive way?!
Cheers Carlo
