VMware to develop Secure Systems for NSA

[phishphreek]

Thats pretty much the same exact thing that I do. I run my day to day activities on my workstation. Then, in a vmware session on that box, I have a workstation loaded with just the essentials I need to connect and work over the VPN.

I've always worried that if I got a keylogger on my host, it'd be able to see what I'm doing in vmware. It'd be nice to know for sure that what you do in one session can't affect the other sessions.

Offtopic: I wonder if both MSM and HTRegz are from Canada, eh? heh

[HTRegz]

Thats pretty much the same exact thing that I do. I run my day to day activities on my workstation. Then, in a vmware session on that box, I have a workstation loaded with just the essentials I need to connect and work over the VPN.

I've always worried that if I got a keylogger on my host, it'd be able to see what I'm doing in vmware. It'd be nice to know for sure that what you do in one session can't affect the other sessions.

Offtopic: I wonder if both MSM and HTRegz are from Canada, eh? heh

What's Canada???

Anyways... There's a difference between what you're doing phish and what is being described... The Hypervisor technology would be similar to ESX Technology, making it different from all other VMWare Products...

Doing what you're doing with VMWare, *could* leave you no better off than doing it all on a single box. Take the recent MS Advisory affecting Virtual Server / PC...It allowed admin of 1 guest os to control anything (host or other guests)... should a similar problem be found in VMWare Workstation / Server, then access to host or any guest == compromise of all...

I'd really like to see what will happen to this agreement when it's demonstrated that VMWare is violating the GPL... it may lead to an interesting turn of events.

[rcgreen]

and is therefore subject to the GPL

Not a problem. If they use it in their agency and never distribute it,
they are not obligated to publish the code.

[nihil]

What has the GPL got to do with anything?

The NSA is contracting VMware, a software developer, to provide them with a bespoke, secure system. As such, it is a government contract and closed source.

The IP and source will belong to the government, as they are paying for it

[HTRegz]

What has the GPL got to do with anything?

The NSA is contracting VMware, a software developer, to provide them with a bespoke, secure system. As such, it is a government contract and closed source.

The IP and source will belong to the government, as they are paying for it

They are going to use "VWMare's Hypervisor" which is the base of ESX... which relies on Linux and uses portions of Linux... so I'd say it has everything to do with the GPL

[nihil]

NO, you must learn to read between the lines

This High-Assurance Platform workstation will use VMware's hypervisor technology

That does not mean that they are going to use existing systems...............otherwise there would be no need for the project.

By "technology" they mean concepts, not existing systems. A hypervisor is a mechanism, it is not dependent on Linux or any other operating system, and it certainly is not "derived" from a particular operating system, so the GPL is irrelevant.

Anyway, the Linux open source community is totally impotent when it comes to any sort of civil legal enforcement. There is nobody with a serious interest and nobody with the funding.

If you really want to self-destruct, p1$$1ng off the NSA seems like an excellent place to start