alphadogg writes "Microsoft's U.S. general manager/chief security advisor for its National Security Team, Bret Arsenault, thinks like a true security professional. In every bit of good news, he wonders what bad news could be coming. Application security, virtualization security and the fact that over half of computer attacks seen by Microsoft come from the .edu domain are just some of the things keeping him up at night."

whitehartstag writes to mention that Microsoft has announced their new Hyper-V as feature-complete. Unfortunately the list of supported systems is disappointingly short. "No offense to SUSE Enterprise Server crowd, but only providing SUSE support in Hyper-V is a huge mistake. By not supporting Red Hat, Fedora, CentOS, and BSD, Microsoft is telling us Hyper-V is a Microsoft only technology. More Mt. Redmond, Microsoft center of the universe thinking. That's disappointing. Sure, if you are a Microsoft only shop, Hyper-V will be an option for virtualization. But so will VMware and XenServer. But if you run a mixed shop, Hyper-V won't solve your problems alone — you'll have to also add VMware or Xen to your virtualized data center portfolio. Or just go with VMware and Xen and forego Hyper-V."

BaCa writes "Core Security has issued an advisory disclosing a vulnerability that could severely impact organizations relying on VMware's desktop virtualization software. It involves directory traversal using VMware's shared folders, and could allow an attacker access to the host system from a guest VM. Core also released an exploit for the vulnerability."

blackbearnh writes "FreeBSD is about to release the much-anticipated version 7, and as usual there's a comprehensive interview with over two dozen of the major contributors over at O'Reilly's ONLamp site. Federico Biancuzzi interviewed the developers to discuss all the details of FreeBSD 7.0: networking and SMP performance, SCTP support, the new IPSEC stack, virtualization, monitoring frameworks, ports, storage limits and a new journaling facility, what changed in the accounting file format, jemalloc(), ULE, and more."

stinkymountain writes to tell us that NetworkWorld got their hands on Microsoft's latest addition to the server OS market and had a chance to poke around inside Windows Server 2008. It seems that the new release is a vast improvement over older versions in both security and performance but still lacking in several key areas. "There's even a minimalist installation called Windows Server Core that can run various server roles (such as DNS, DHCP, Active Directory components) but not applications (like SQL Server or IIS dynamic pages). It's otherwise a scripted host system for headless operations. There's no GUI front end to a Windows Server Core box, but it is managed by a command line interface (CLI), scripts, remotely via System Manager or other management applications that support Windows Management Instrumentation (WMI), or by Remote Terminal Services. It's also a potential resource-slimmed substrate for Hyper-V and virtualization architectures."

BobB writes to mention Sun has acquired Innotek, open source desktop virtualization vendor. "VirtualBox will remain free of charge under Sun and be placed in the company's xVM portfolio of virtualization products, Steve Wilson, Sun's vice president of xVM, wrote in a blog posting. 'If we're going to continue to give it away, why is Sun investing in VirtualBox? In short, because the developers that build applications have a huge amount of influence on how they're deployed," Wilson wrote in his blog. "We believe that developers using VirtualBox can help guide their friends in the data center towards xVM Server as the preferred deployment engine. Beyond that, I think there is a huge opportunity to link with Sun's other developer-related assets like NetBeans, Glassfish and (soon) MySQL.'"

derrida writes "Because the traditional System V init daemon (SysVinit) does not deal well with modern hardware, including hotplug devices, USB hard and flash drives, and network-mounted filesystems, Ubuntu replaced it with the upstart init daemon. Several other replacements for SysVinit are also available. One of the most prominent, initng, is available for Debian and runs on Ubuntu. Solaris uses SMF (Service Management Facility) and Mac OS uses launchd. Over time, Ubuntu will likely come to incorporate features of each of these systems into Upstart. Furthermore, heading in a different direction from its main rivals, Ubuntu Linux will use KVM as its primary virtualization software. Red Hat Enterprise Linux and Novell's Suse Linux Enterprise Server both use the Xen virtualization software, a 'hypervisor' layer that lets multiple operating systems run on the same computer. In contrast, the KVM software runs on top of a version of Linux, the 'host' operating system that provides a foundation for other 'guest' operating systems to run in a virtual mode." Slashdot shares a corporate overlord with Linux.com.

Kaz writes "While not operating on the same scale as the two major CPU designers, VIA has been gaining traction in the world of UMPCs and thin clients with its Eden and C7 lines of processors. While past architectures have been considerably out-of-date in terms of modern features, the new Isaiah architecture looks to be very competitive with what AMD and Intel have lined up for future ultra-mobile products. It features an out-of-order, superscalar execution core, 64-bit support, virtualization, and even SSE3 — all on a 94M-transistor, 65nm process die. The initial offering will be single-core only, though VIA says that multi-core ability is already designed in. Is Isaiah going to replace your Core 2 system for gaming? No, but it might give Intel's Silverthorne a run for the money."

billstewart writes "The Wall Street Journal reports that Microsoft will be announcing a virtualization strategy on Tuesday. Of course there's plenty of focus on the competition with VMware, including the obligatory reference to Microsoft's entry into the browser wars prior to cutting off Netscape's air supply. The pieces of the picture will include: an alliance with Citrix Systems, owners of XenSource; acquisition of privately held Calista Technologies of San Jose, which has software that speeds up the performance of applications running in a virtualized environment; and lower price for Windows Vista used on virtualized computers. Microsoft also reversed its earlier position and will now allow the Home Basic and Home Premium versions of Vista to run under virtualization. The company confirmed its plans to deliver its Hyper-V hypervisor within six months of the launch of Windows Server 2008 (betas available now), which is expected this quarter."

1sockchuck writes "Sun Microsystems wants to cut its IT department's data center footprint in half within five years, and then eliminate in-house data centers completely shortly afterward. 'Our goal is to reduce our entire data center presence by 2015,' writes Sun data center architect Brian Cinque, who says Sun hopes to shift its in-house IT to a software-as-a-service model. Sun will use virtualization and consolidation to reduce its data center space and energy usage by 50 percent by 2013, with a goal of moving it all online two years later. Sun's plan reflects the shift to utility computing discussed in Nicholas Carr's new book, which we debated earlier this week."

lgmac writes "A new survey on the results of Enterprise use of virtualization shows that the process is seeing wide and appreciative use. Technical hurdles are obviously the biggest problem facing corporate IT shops. Just the same, political squabbles among IT staffers fighting for turf after being forced to work together in new ways seems to be a going concern as well. 'Technical woes rank higher--to be expected when CIOs deploy a new technology such as virtualization. However, the politics pain many of you. Remember, virtualization not only asks people to cede some control over their physical server kingdoms, but also asks IT experts from different realms to work more closely together.'"

BobB writes "Oracle is going after its piece of the hot virtualization market by introducing an open source Xen-based hypervisor to compete against those from Novell, Red Hat, and VMware. Oracle VM, unveiled Monday at the Oracle OpenWorld convention in San Francisco, enables virtualization on Oracle and non-Oracle software applications and on the Linux and Windows OSs. It also operates on industry-standard x86- and x86-64-based servers. Oracle claims it offers virtualization at a lower cost than competitors can." VMware stock dropped over 10% on the news; Oracle's stock rose. The market was not punishing Oracle for the unpatched zero-day vulnerability (public exploit available) that the company won't patch until Jan. 15.

Bergkamp10 writes "Over the weekend Intel launched its long-awaited new 'Penryn' line of power-efficient microprocessors, designed to deliver better graphics and application performance as well as virtualization capabilities. The processors are the first to use high-k metal-gate transistors, which makes them faster and less leaky compared with earlier processors that have silicon gates. The processor is lead free and by next year Intel is planning to produce chips that are halogen free, making them more environmentally friendly. Penryn processors jump to higher clock rates and feature cache and design improvements that boost the processors' performance compared with earlier 65-nm processors, which should attract the interest of business workstation users and gamers looking for improved system and media performance."

eldavojohn writes "Red Hat has announced their release of Red Hat Enterprise Linux 5.1, which includes integrated virtualization. Also of note, 'Red Hat Enterprise Linux is also available on Amazon's Elastic Compute Cloud (Amazon EC2), a web service that provides resizeable compute capacity in the cloud. This collaboration makes all the capabilities of Red Hat Enterprise Linux, including the Red Hat Network management service, world-class technical support and over 3,400 certified applications, available to customers on Amazon's proven network infrastructure and datacenters.'"

Glenn Fleishman writes "Apple has changed its license for Mac OS X Server 10.5 (Leopard Server) to allow virtualized instances. VMware and Parallels are poised to offer support. This probably presages a thoroughly overhauled Xserve product with greater capability for acting as a virtual machine server, too. 'Ben Rudolph, Director of Corporate Communications for Parallels, told me, "Enabling Leopard Server to run in a virtual machine may take some time, but we're working closely with Apple on it and will make it public as quickly as possible." Pat Lee, Product Manager at VMware, concurred, saying "We applaud Apple for the exciting licensing changes implemented in Leopard Server. Apple customers can now run Mac OS X Server, Windows, Linux and other x86 operating systems simultaneously on Apple hardware so we are excited about the possibilities this change presents." Although neither company committed to specific features or timetables, it appears as though we should be seeing virtualization products from both that will enable an Xserve to run multiple copies of Leopard Server in virtual machines.'"

ParaFan writes "In a fascinating story on KernelTrap, Theo de Raadt asserts that while virtualization can increase hardware utilization, it does not in any way improve security. In fact, he contends the exact opposite is true: 'You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.' de Raadt argues that the lack of support for process isolation on x86 hardware combined with numerous bugs in the architecture are a formula for virtualization decreasing overall security, not increasing it."

diegocgteleline.es writes "After 3 months, Linus has released Linux 2.6.23. This version includes the new and shiny CFS process scheduler, a simpler read-ahead mechanism, the lguest 'Linux-on-Linux' paravirtualization hypervisor, XEN guest support, KVM smp guest support, and variable process argument length. SLUB is now the default slab allocator, there's SELinux protection for exploiting null dereferences using mmap, XFS and ext4 improvements, PPP over L2TP support. Also the 'lumpy' reclaim algorithm, a userspace driver framework, the O_CLOEXEC file descriptor flag, splice improvements, a new fallocate() syscall, lock statistics, support for multiqueue network devices, various new drivers, and many other minor features and fixes. See the changelog for details."

An anonymous reader sends in word of a privilege escalation security issue identified in the open source Xen hypervisor. Xen has issued a hotfix and urged all users to install it. The problem was disclosed by Secunia last week. A user of a guest domain with root privileges could execute arbitrary commands in domain 0 via specially crafted entries in grub.conf when the guest system is booted.

paleshadows writes "A year and a half has passed since SubVirt, the first VMM (virtual machine monitor) based rootkit, was introduced (PDF), covered in the tech press, and discussed here. Later Joanna Rutkowska made news by claiming she had a VMM-based attack on Vista that was undetectable — a claim that was roundly challenged. Now in this year's HotOS workshop, researchers from Stanford, CMU, VMware, and XenSource have published a paper titled Compatibility Is Not Transparency: VMM Detection Myths and Realities (PDF) showing that VMM-based rootkits are actually easily detectable."

anzha writes "Sun Microsystems announced today that they are acquiring Cluster File Systems Inc. CFS owns the intellectual property related to and develops the open source file system known as Lustre." Relatedly Sun has also signed an agreement with Microsoft to be a Windows OEM. "Sun and Microsoft will work together to ensure that Solaris runs well as a guest on Microsoft virtualization technologies and that Windows Server runs well as a guest on Sun's virtualization technologies. Sun and Microsoft will work together on a support process for customers who are using the virtualization solutions. This joint commitment to customers ensures that Windows and Solaris will provide a solid virtualization experience."