×
Security

VM-Based Rootkits Proved Easily Detectable 128

Posted by kdawson from the take-one-blue-pill-and-call-me-in-the-morning dept.
paleshadows writes "A year and a half has passed since SubVirt, the first VMM (virtual machine monitor) based rootkit, was introduced (PDF), covered in the tech press, and discussed here. Later Joanna Rutkowska made news by claiming she had a VMM-based attack on Vista that was undetectable — a claim that was roundly challenged. Now in this year's HotOS workshop, researchers from Stanford, CMU, VMware, and XenSource have published a paper titled Compatibility Is Not Transparency: VMM Detection Myths and Realities (PDF) showing that VMM-based rootkits are actually easily detectable."
Sun Microsystems

Sun Acquires CFS/Lustre, Becomes Windows OEM 138

Posted by ScuttleMonkey from the new-toys-to-play-with dept.
anzha writes "Sun Microsystems announced today that they are acquiring Cluster File Systems Inc. CFS owns the intellectual property related to and develops the open source file system known as Lustre." Relatedly Sun has also signed an agreement with Microsoft to be a Windows OEM. "Sun and Microsoft will work together to ensure that Solaris runs well as a guest on Microsoft virtualization technologies and that Windows Server runs well as a guest on Sun's virtualization technologies. Sun and Microsoft will work together on a support process for customers who are using the virtualization solutions. This joint commitment to customers ensures that Windows and Solaris will provide a solid virtualization experience."
Microsoft

Microsoft and Novell Open Interoperability Lab 113

Posted by ScuttleMonkey from the still-in-the-skeptic-camp dept.
An anonymous reader writes to mention that the Microsoft and Novell Interoperability Lab in Cambridge, Massachusetts opened today. The lab is supposed to allow both Novell and Microsoft developers to work together for better interoperability between SUSE and Windows Server. "Located in Cambridge, the 2,500-square-foot lab and workspace will be home to a combined team of the best and brightest Microsoft and Novell engineers focused on making Windows Server and SUSE Linux Enterprise work better together. The first priority for the lab team will be to ensure interoperability between Microsoft and Novell virtualization technologies. Additional work will include standards-based systems management, identity federation and compatibility of office document formats."
Intel

Intel Updates vPro Platform and Features 77

Posted by kdawson from the chain-of-trust dept.
MojoKid writes "Intel's has certified the Core 2 Duo E6550, E6750, and E6850 processors for vPro, and is releasing the new low-power Q35 Express chipset with a companion ICH9-DO Southbridge, and 82566DM Gigabit Network controller. With these new chispets and technologies, the vPro platform offers next-generation Intel Active Management Technology, enhanced Intel Virtualization Technology, and Intel Trusted Execution Technology (aka Intel TXT). vPro also supports next-generation management standards like WS-MAN and DASH (draft 1.0 spec) and v1.2 of the Trusted Platform Module. Intel has plans to provide continual updates to the vPro platform and will likely enhance vPro further after the launch of their 'Montevina' platform in the first half on 2008."
Software

Citrix Announces Agreement to Acquire XenSource 86

Posted by CowboyNeal from the two-great-tastes dept.
An anonymous reader writes "'Citrix has signed a definitive agreement to acquire XenSource a leader in enterprise-grade virtual infrastructure solutions. The acquisition moves Citrix into adjacent and fast growing datacenter and desktop virtualization markets.' For nearly $500 million, including about $100 million of unvested options, Citrix would be purchasing VMWare's closest competitor in the server virtualization market, with XenEnterprise v4 offering technology similar to VMWare's flagship product — and arguably overtake them as a combined solution, as VMWare offers little in the realm of application and desktop virtualization. Though subject to the customary closing conditions, both boards of directors have approved the transaction, and the deal is expected to close in Q4 of 2007."
Operating Systems

Dell Considers Bundling Virtualization on Mobos 138

Posted by Zonk from the wave-of-the-future dept.
castrox writes "Ars Technica is reporting that Dell may be considering bundling virtualization on some of their motherboards. No more dual boot or VMs inside the running OS? 'Any way you slice it, though, putting the hypervisor in a chunk of flash and letting it handle loading the OS is the way forward, especially for servers and probably even for enterprise desktops. Boot times, power consumption, security, and flexibility are all reasons to do this ... The big question is: which hypervisor will Dell bundle with its machines? Vance suggests hypervisors from XenSource and VMware as two options, but I think that VMware is the most likely candidate since it seems to be the x86 virtualization solution of choice for the moment. However, if Dell doesn't try too hard to lock it down, this system could easily be modified in an aftermarket fashion to include almost any hypervisor that could fit on the flash chip.'"
Security

Cambridge Researcher Breaks OpenBSD Systrace 194

Posted by kdawson from the without-a-trace dept.
An anonymous reader writes "University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software, recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release."
Programming

Creative Documentation 136

Posted by CmdrTaco
FuriousCurio writes "Linux kernel hackers appear to be an endlessly creative group of individuals. In response to previous documentation attempts not having been read by many people, KernelTrap is reporting about how the lguest documentation was prepared to be something of an adventure story. Self-proclaimed to turn you into an lguest expert, lguest being one of the new solutions for running a virtual instance of the Linux operating system as a user process within a real instance of the Linux operating system, the documentation mixes humor and wit into puzzles, poetry, and of course source code and a low-level understanding of virtualization. But the questions remains, will making documentation more entertaining actually work to get people to read it?"
Linux Business

Virtual Containerization 185

Posted by kdawson from the v12n-is-for-c14n dept.
AlexGr alerts us to a piece by Jeff Gould up on Interop News. Quoting: "It's becoming increasingly clear that the most important use of virtualization is not to consolidate hardware boxes but to protect applications from the vagaries of the operating environments they run on. It's all about 'containerization,' to employ a really ugly but useful word. Until fairly recently this was anything but the consensus view. On the contrary, the idea that virtualization is mostly about consolidation has been conventional wisdom ever since IDC started touting VMware's roaring success as one of the reasons behind last year's slowdown in server hardware sales."
Operating Systems

Linux Gains Two New Virtualization Solutions 170

Posted by CowboyNeal from the almost-as-good-as-the-real-thing dept.
An anonymous reader writes "The upcoming 2.6.23 kernel has gained two new virtualization solutions. According to KernelTrap, both Xen and lguest have been merged into the mainline kernel. These two virtualization solutions join the already merged KVM, offering Linux multiple ways to run multiple virtual machines each running their own OS."
Software

Intel Invests $218M in VMWare, Preparing for IPO 88

Posted by Zonk from the hey-there-little-buddy dept.
RulerOf writes "TechNewsWorld is carrying an article detailing that Intel has made an investment in VMWare for $218.5 million in anticipation of VMWare's imminent IPO. With an expected value of $23-25 a share, VMWare's IPO shows a value of $950 million. This investment brings Intel to an approximately 13% ownership of the EMC subsidiary, and helps to strengthen ties between the two companies. According to the article, 'VMware's virtualization platform runs on Intel architecture and most deployments of the tools are on systems using Intel chips.'"
Linux Business

Desperately Seeking Xen 192

Posted by kdawson from the whither-the-gorilla-killer dept.
AlexGr sends us to an excellent article on the state of Xen by Jeff Gould (Peerstone Research). He concludes that the virtualization technology has some maturing to do and will face increasing competition for the privilege of taking on VMWare. Quoting: "What's going on with Xen, the open source hypervisor that was supposed to give VMware a run for its money? I can't remember how many IT trade press articles, blog posts and vendor white papers I've read about Xen in the last few years... The vast majority of those articles — including a few I've written myself — take it as an article of faith that Xen's paravirtualizing technical approach and open source business model are inherently superior to the closed source alternatives from VMware or Microsoft."

Microsoft's Virtualization Stance Eying Apple? 238

Posted by Zonk from the shifty-glances dept.
Pisces writes "Over the past several days, Microsoft has flip-flopped on virtualization in Vista, with one ascribing the change in policy to concerns over DRM. A piece at Ars Technica raises another, more likely possibility: fear of Apple. Apple is technically an OEM, and could offer copies of Vista at a discounted price. 'All of this paints a picture in which Apple could use OEM pricing to offer Windows for its Macs at greatly reduced prices and running in a VM. The latter is absolutely crucial; telling users that they need to reboot into their Windows OS isn't nearly as sexy as, say, Coherence in Parallels. If you've never seen Coherence, it's quite amazing. You don't need to run Windows apps in a VM window of Vista. Instead, the apps appear to run in OS X itself, and the environment is (mostly) hidden away. VMWare also has similar technology, dubbed Unity.' Is Microsoft terrified of a world where Windows can be virtualized and forced to take a back seat to Mac OS X or Linux?"
Microsoft

Virtualization May Break Vista DRM 294

Posted by Zonk from the couldn't-they-have-just-said-that dept.
Nom du Keyboard writes "An article in Computerworld posits that the reason Microsoft has flip-flopped on allowing all versions of Vista to be run in virtual machines, is that it breaks the Vista DRM beyond detection, or repair. So is every future advance in computer security and/or usability going to be held hostage to the gods of Hollywood and Digital Restrictions Management? 'Will encouraging consumer virtualization result in a major uptick in piracy? Not anytime soon, say analysts. One of the main obstacles is the massive size of VMs. Because they include the operating system, the simulated hardware, as well as the software and/or multimedia files, VMs can easily run in the tens of gigabytes, making them hard to exchange over the Internet. But DeGroot says that problem can be partly overcome with .zip and compression tools -- some, ironically, even supplied by Microsoft itself.'"
Microsoft

Microsoft Flip-flopping on Virtualization License 304

Posted by samzenpus from the make-up-your-mind dept.
Cole writes "Microsoft came within a few hours of reversing its EULA-based ban on the virtualization of Vista Basic and Premium, only to cancel the announcement at the last minute. The company reached out to media and bloggers about the announcement and was ready to celebrate "user choice" before pulling the plug, apparently clinging to security excuses. From the article, "The threat of hypervisor malware affects Ultimate and Business editions just as much as Home Premium and Basic. As such, the only logical explanation is that Microsoft is using pricing to discourage users from virtualizing those OSes. Since when is a price tag an effective means of combating malware?" Something else must be going on here."
Microsoft

Microsoft Pleads With Consumers to Adopt Vista Now 912

Posted by Zonk from the our-os-is-so-awesomez dept.
SlinkySausage writes "Microsoft has admitted, in an email to the press, that 'some customers may be waiting to adopt Windows Vista because they've heard rumors about device or application compatibility issues, or because they think they should wait for a service pack release.' The company is now pleading with customers not to wait until the release of SP1 at the end of the year, launching a 'fact rich' program to try to convince them to 'proceed with confidence'. The announcement coincides with an embarrassing double-backflip: Microsoft had pre-briefed journalists that it was going to allow home users to run Vista basic and premium under virtual machines like VMWare, but it changed its mind at the last minute and pulled the announcement."
Book Reviews

Linux System Administration 74

Posted by samzenpus from the read-all-about-it dept.
Bob Uhl writes "I've just finished reading a review copy of O'Reilly's latest GNU/Linux title, Linux System Administration. It's a handy introduction for the beginner GNU/Linux sysadmin, and a useful addition to an experienced sysadmin's bookshelf. The book is essentially a survey of various Linux system-administration tasks: installing Debian; setting up LAMP; configuring a load-balancing, high-availability environment; working with virtualization. None of the chapters are in-depth examinations of their subjects; rather, they're enough to get you started and familiar with the concepts involved, and headed in the right direction." Read below for the rest of Bob's review.
Apple

Parallels 3.0 Announced, 3D Graphics Included 242

Posted by Zonk from the did-you-know-you-can-play-games-on-your-computer dept.
99BottlesOfBeerInMyF writes "For some time Mac users have been waiting to see who would bring 3D graphics to a Windows emulation/virtualization solution under OS X. It looks like Parallels is going to be the winner. They have announced an RC of Parallels 3.0, with the final to be available 'in a few weeks.' For anyone else tired of Bootcamp or rebooting to play a Windows game, it look like the solution is finally here; I'm not counting out VMWare entirely. Obviously it will depend on how soon they can catch up, but there is some serious first-mover advantage here for Parallels."
Google

Google Buys Anti-Malware Security Startup 125

Posted by Zonk from the securing-the-border-by-any-means-neccessary dept.
J Tomas writes "Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software. GreenBorder's software creates a DMZ (demilitarized zone) between the Windows desktop and programs downloaded from Web pages or opened from e-mail messages in Microsoft Outlook. The early speculation is that Google will add the sandbox technology to the Google Toolbar or release a rebranded version as a standalone download."
Operating Systems

Performance Evaluation of Xen Vs. OpenVZ 116

Posted by kdawson from the price-to-pay dept.
An anonymous reader writes "Compared to an operating-system-level virtualization technology like OpenVZ, Xen — a hypervisor-level virtualization technology that allows multiple operating systems to be run with and without para-virtualization — trades off performance for much better isolation and security. OpenVZ's performance advantage due to running virtual containers in a single operating system kernel can be significant. A performance evaluation study (PDF) done by researchers at the University of Michigan and HP labs provides insight into how big a performance penalty Zen pays and what causes the overheads (primarily L2 cache misses)." From the report: "We compare both technologies with a base system in terms of application performance, resource consumption, scalability, low-level system metrics like cache misses and virtualization-specific metrics like Domain-0 consumption in Xen. Our experiments indicate that the average response time can increase by over 400% in Xen and only a modest 100% in OpenVZ as the number of application instances grows from one to four... A similar trend is observed in CPU consumptions of virtual containers."

Slashdot Top Deals