InvisibleThings.org posted some more details on their Xen Owning Trilogy session at last weeks Black Hat conference in Las Vegas.
Joanna Rutkowska and her crew gave a series of 3 talks discussing different potential security issues with Xen. With the VirtSec awareness growing this obviously is an important topic .
When quickly skimming trough the presentations the big question that arise is , how relevant is this all for a day to day production environment. Given the fact that some exploits assume you already root before you can install a stealth backdoor and others rely on specific hardware features that might or might not be available in your setup things might be that critical yet.
All 3 talks can be found on the Invisiblethingslab.com site
Virtualization.com will have a closer look at the discussed issues and we’ll be back with more detail later.
[…] findings about Xen security as we earlier reported. […]