Virtualization and Security..

Printable View

February 6th, 2008, 06:43 PM
MrLinus

Virtualization and Security..

Are we there yet? As virtualization starts becoming more and more used (and well, because I've got some heavy ties into it now ;) ) I wonder if virtualization has reached a point where security becomes an issue.

From my experience most security issues for virtualization have rested on the "hosted" variants (that is, those that require a Windows or Linux OS underneath the virtualization application) -- like Redpill, scooby_doo and NoPill attacks. Along with those are the general issues that come with the hosted OS. On the other hand, with bare-metal hypervisors we're not seeing as many attacks.

Is this just a frontier waiting to happen? Or is it secure as it is? or what?

Thoughts, comments?
February 6th, 2008, 08:42 PM
Cemetric

Hmmm I've been wondering about that myself (yes I to have heavy ties into it ;) ).

For the moment (I say with my tongue in cheek) I think we're still reasonable safe, it takes a whole other thinking to start attacking at hardware level, and I think there aren't alot of people going there right now.

This doesn't mean it can't happen, there's a reason that Symantec and Intel are joining forces to develop chips with hardcoded security measures in them. Sure it's part Marketing and salestricks, but then again ...

As long as I don't see proof of the opposite (and I mean real proof, not the ifs and whens) that hopping between virtual switches that aren't connected is NOT possible, I'll be installing a firewall on bare metal ...
February 6th, 2008, 11:47 PM
oofki

I dont see it how it would be any less or more secure except that you may not have physical access to the host since it could be running on something like ESX and you may only have access to the VMs.
February 6th, 2008, 11:54 PM
HTRegz

I think that the hypervisor approach is still too young to tell... As it is VMWare / Virtual (PC|Server) have been around for some time, and it was really only this year that we saw nasty remote exploits for both of them.... There's definitely an issue of having an underlying OS... it doesn't work in the long term... not when you are thinking security. It's fine to use "traditional" Virtualization for development purposes... but for consolidation it just doesn't work.

For consolidation, the hypervisor will be the only way to go... and we'll have to wait and see.. it's too early to tell if the attacks will become predominant... and if host segregation will be adequate... Attacking the host is fine, but what happens when one of the guests is compromised and someone discovers that the guests can, with relative easy, jump between themselves... That opens the door to other problems...

Virtualization, as it currently stands, only has one road... and currently it's the road to being less secure... The guest os has the same level of security and below it you are introducing more complex code... you won't see increased security... at least not for a while... (if ever).
February 8th, 2008, 02:45 PM
MrLinus

HT, yer a thread killer! :p

Quote:

Originally Posted by HTRegz

I think that the hypervisor approach is still too young to tell... As it is VMWare / Virtual (PC|Server) have been around for some time, and it was really only this year that we saw nasty remote exploits for both of them.... There's definitely an issue of having an underlying OS... it doesn't work in the long term... not when you are thinking security. It's fine to use "traditional" Virtualization for development purposes... but for consolidation it just doesn't work.

For consolidation, the hypervisor will be the only way to go... and we'll have to wait and see.. it's too early to tell if the attacks will become predominant... and if host segregation will be adequate... Attacking the host is fine, but what happens when one of the guests is compromised and someone discovers that the guests can, with relative easy, jump between themselves... That opens the door to other problems...

Virtualization, as it currently stands, only has one road... and currently it's the road to being less secure... The guest os has the same level of security and below it you are introducing more complex code... you won't see increased security... at least not for a while... (if ever).

Hrmm.. so EAL4+ certification for 3.0.1 (I think that's what they submitted for common criteria) won't help much? What security do you think it's lacking (from your post you seem to be suggesting, from my view point, that a hypervisor is insecure)? What things will virtualization have to include to ensure security?

Then again, what system is ever truly secure? :D
February 8th, 2008, 03:33 PM
HTRegz

Quote:

Originally Posted by MsMittens

HT, yer a thread killer! :p

Hrmm.. so EAL4+ certification for 3.0.1 (I think that's what they submitted for common criteria) won't help much? What security do you think it's lacking (from your post you seem to be suggesting, from my view point, that a hypervisor is insecure)? What things will virtualization have to include to ensure security?

Then again, what system is ever truly secure? :D

I've often thought I should be ThreadKiller :) but the name was taken...

I don't know that EAL4+ is sufficient... I don't know that security is necessarily lacking from the hypervisor... as you write in security you bloat the product... which isn't what you want from a hypervisor... I think it's inherent security risks that are the problem... some problems have to go away... regardless of how minor the hardware is...

Cemetric had a great example... the security of virtual switches... Going further... the hardware is being shared... something is controlling that hardware sharing... that control is at risk.. especially (for example ) at the network level...

Will hypervisors make systems more insecure... not necessarily... will they increase security... not a chance.