Click here to receive your FREE subscription to Campus Technology
News
Virtualization Showdown at Black Hat
8/1/2008
|
|
Next week at the Black Hat conference in Las Vegas, security researcher Joanna Rutkowska promises to demonstrate how a malicious attacker, working remotely, could take control of the open-source Xen virtualization software.
If successful, Rutkowska and her team will be the first researchers to demonstrate how to compromise a Xen hypervisor, that crucial layer of virtualization software underneath all the virtualized environments running on a machine, one that provides direct connections to the processor, memory and hardware devices.
"Many people [have] argued that having a legitimate hypervisor installed prevents installation of virtualization-based malware. We will show that this is not the case," she said in an e-mail interview.
For the conference, Rutkowska will oversee three presentations, which will be given by herself, Rafal Wojtczuk and Alex Tereshkin. In addition to showing how to install the rootkit, they also plan to show how someone could bypass the security monitoring mechanisms that would normally detect such an attack. Finally, and perhaps most importantly, they will show how users could prevent such attacks.
Citrix system chief security strategist Kurt Roemer expects Rutkowska's disclosure will generate more publicity than prove to be a serious threat to operating instances of the software. He likens it to "sensationalist attacks," that frequently are weighed against virtualization software. Citrix offers a commercially-supported version of Xen.
Roemer has not seen Rutkowska's presentation, but he does point out that the attack will probably rely upon the attacker having root access to the server running Xen. "That's not a normal model," he noted.
Rutkowska confirmed that root access is needed. Much like root access is needed to install a root kit on a server, so too will administrative access be needed to breech Xen. Rutkowska argued, however, that her work is still important.
"Years ago other vendors tried to downplay the importance of ... [Microsoft] Windows kernel rootkits, saying that one needed to already be an administrator in order to install one. As we know, over the last couple of years, kernel rootkits became a very serious security problem," she commented.
Recommended Reading
- Beck Technology Donates DProfiler to Colleges, Universities
Beck Technology recently announced that it will donate its DProfiler software platform to colleges and universities for use in construction-related coursework.
- Microsoft Adds Gen 4 Datacenters for Cloud Computing
Microsoft is initiating the fourth in a series of datacenter upgrades to enable its cloud computing services, according to a Microsoft blog post Tuesday. And, like everything else in the software world, being highly modular is a good thing.
- Can You Operate as a Virtual Being?
Now that we are conducting at least a part of our business of education virtually and often meeting in virtual environments, let's explore the really big question for academics in a Web 2.0 era...
- Columbia Center To Smooth Web Operations with Collaboration Suite
A college or university without a Web site is inconceivable today, but with every site comes the challenge of managing content. Some sort of automated system is a given, but how much should the site's content management system integrate with other aspects of the campus computing infrastructure?
- IBM's Pass It Along: Mapping Memes Toward A Learning Organization
How IBM's new release is following through on old challenges... big ones.
- North Idaho College To Provide Accessible Lecture Recordings for Disabled Students
North Idaho College will be implementing a new classroom capture system as part of an effort to provide accessible education to students with disabilities. The college will be using SpeakerBox from ClearSky Systems for the lecture capture program beginning in January 2009.
