Comments on: VMsafe: Cool for Virtualization Security, but no Panacea

By: Doing Things Better With Virtualization

Doing Things Better With Virtualization — Tue, 22 Dec 2009 14:47:37 +0000

[...] I talked about in this post, virtualization will offer new and interesting ways to improve security. VM state inspection (or [...]

By: No Security (or Management) Controls are Absolute When Users run as Administrators

Thu, 17 Dec 2009 19:50:16 +0000

[...] affects all vendors, not just the ones that answer the RFI/RFP honestly. This is another area where virtualization and introspection techniques offer new and interesting ways of implementing security controls outside of the OS container that [...]

By: VMware VMSafe – Are there any actual products yet? – Gestalt IT

VMware VMSafe – Are there any actual products yet? – Gestalt IT — Thu, 10 Dec 2009 15:00:59 +0000

[...] Neil Macdonald of Gartner makes a good point about the potential for VMSafe appliances to introduce possible security vulnerabilities at a lower level in the infrastructure. [...]

By: VMware vSphere VMSafe - are there any actual products yet? | VirtualPro

VMware vSphere VMSafe - are there any actual products yet? | VirtualPro — Tue, 01 Dec 2009 19:59:40 +0000

[...] Neil Macdonald of Gartner makes a good point about the potential for VMSafe appliances to introduce possible security vulnerabilities at a lower level in the infrastructure. [...]

By: Moore’s Law Enables Virtualized Security

Moore’s Law Enables Virtualized Security — Fri, 28 Aug 2009 18:42:45 +0000

[...] ever-increasing number of cores available along with advances like VMsafe and VMsafe’s “fast path” as well as improvements in i/o virtualization with next-generation [...]

By: The 5 Stages of Virtualization Security Vendor Maturity

The 5 Stages of Virtualization Security Vendor Maturity — Fri, 13 Mar 2009 22:39:08 +0000

[...] keeps saying they have a version “on their roadmap” or are using stall tactics like “we’re waiting on VMsafe before delivering a solution”. Worse, they appear on main stage at a big event like VMworld [...]

By: VMware Unveils vShield and Raises the Security Bar for all Virtualization Vendors

Wed, 04 Mar 2009 14:06:48 +0000

[...] The vShield technology comes out of VMware’s acquisition of Blue Lane in late 2008 and is able to enforce separation and isolation of VM-based workloads using logical constructs like VM and protocol identities. Note that vShield is really something different than the VMsafe set of APIs I discussed recently. [...]

By: Neil MacDonald

Neil MacDonald — Fri, 20 Feb 2009 17:01:09 +0000

History has shown that any technology that can be used for good things can also be used for bad things.

Virtualization helps us to reduce costs and improve efficiencies via data center consolidation. Then the bad guys figure out this new layer is an attractive target to hack and gain easy access to all of the workloads hosted on the server.

So, VMware develops VMsafe — a set of APIs for security tools to gain the upper hand on the bad guys. However, I can tell you with 100% certainty that these APIs will become a target for attack. Security software that has access to these sensitive APIs will be also become a target for attack.

Does this mean we don’t use these technologies? Not at all. But we need to think proactively how these technologies might be used in unexpected and malicious ways. The time to do this is before these technologies are put into use, not after something bad happens.

By: Robin Ore

Robin Ore — Fri, 20 Feb 2009 08:51:51 +0000

Great article! Thankyou for bringing up the issue. I wrote an article entitled, “The New Wireless World Order” and another entitled, “Your Brain and Civil Rights”. “Brainhacking”, as I called it is an unacceptable intrusion and in many ways can be considered potentially lethal. We cannot afford insecure virtual networks that access the human brain and body. In terms of network architecture and safeguarding privacy, it is important to address issues of who’s privacy. The users in these cases are using people they have access to, if a person has been “Brainhacked”. There is no question where brain to brain interfaces in the “clouds” of next generation networks is heading. Into the brains of little and big girls everywhere for games that may not at all be to their liking. The issues of security should focus first on children, scientists, government employees, women, men, and finally, pets. There won’t be any room for error. Once hackers have your “brain signature” and code information…your life is lost in the fog of mind control. Worse, our security and monitoring, unless computerized will be sub contracted out to India, China and Mexico.