[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

an ominous comment

To: Florian Weimer <[email protected]>
Subject: an ominous comment
From: [email protected] (Georgi Guninski)
Date: Sun, 19 Jul 2015 16:54:45 +0300
Cc: [email protected]
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]$> <[email protected]>

On Sun, Jul 19, 2015 at 10:15:38AM +0200, Florian Weimer wrote:
> * Georgi Guninski:
> 
> > You should be aware of the numerous virtualization
> > sploits -- Xen, Qemu, possibly others.
> >
> > Exploiting a virtualization bug is just the fee
> > "to be in cloud" and I _suspect_ more efforts
> > are needed for my boxen.
> 
> Not all service providers hand you the capability to run arbitrary
> code to run VM exploits, so you have to exploit an application bug
> first.  (And the application may even run on bare metal.)
> 
> Service providers can also provision VMs in such a way that customers
> can only attack themselves.

Really? Isn't this too expensive for times of crisis like this?

Anyway, me conjecture that there are plenty of bugs alive.

References:
- an ominous comment
  - From: [email protected] ([email protected])
- an ominous comment
  - From: [email protected] (Florian Weimer)
- an ominous comment
  - From: [email protected] (Georgi Guninski)
- an ominous comment
  - From: [email protected] (Florian Weimer)

Prev by Date: an ominous comment
Next by Date: Encryption Rights - A Google+ community
Previous by thread: an ominous comment
Next by thread: an ominous comment
Index(es):
- Date
- Thread