hypervisor


Eweek has an interesting piece on a proof of concept hyperjacking rootkit that’s about to do the rounds of the security shows…

“The idea behind Blue Pill is simple: your operating system swallows
the Blue Pill and it awakes inside the Matrix controlled by the ultra
thin Blue Pill hypervisor. This all happens on-the-fly (i.e. without
restarting the system) and there is no performance penalty and all the
devices,” she explained.

Rutkowska stressed that the Blue Pill technology does not rely on
any bug of the underlying operating system. “I have implemented a
working prototype for Vista x64, but I see no reasons why it should not
be possible to port it to other operating systems, like Linux or BSD
which can be run on x64 platform,” she added.

Interesting times…

Advertisements

I’ve realised I’ve mentioned the idea of the hypervisor wars without explaining what I mean by it.

The underlying virtualisation technologies used in Intel’s VT and AMD’s Pacifica curently only allow a single VM Manager to run. This means that the VMM (the hypervisor) installed has an incredible amount of power – it controls what runs and how it runs. Install yours first, and the machine is yours – especially if you lock your hypervisor into TPM or similar security mechanisms.

So what would the hypervisor wars mean? Firstly an end to the open systems model that’s been at the heart of enterprise IT for the last 25 years.

If Microsoft and VMware fell out, VMware could reduce the priority of Windows partitions. Other hypervisors might have licensing conditions that make it impossible to run non-free OSes as clients.

You could end up with a situation where each OS installation would attempt to insinuate its own hypervisor onto the system partition. Security partition developers may find that they are only able to code for one set of hypervisor APIs – locking end users into a closed platform.

The end state?

Co-opetition breaks down, the industry becomes enclaves built around hypervisor impementations, and the end user finds that they’re unable to benefit from the possibilities of an open hypervisor architecture.

Can we avoid the hypervisor wars? Optimistically I think we can. There are pre-requisites. We need an agreed hypervisor integration architecture, and we need it quickly. Let VMM developers compete on ease of operation and management, not on who controls your PC.

Technorati Tags:

One thing to note about the new Apple Intel machines is that the Yonah chipset supports VT.

With Apple saying that they’ll let Windows run on their hardware, the question is – will they let a third-party hypervisor run? I suspect not – especially if they are using TPM in secure startup mode. Of course, they’ll first need to enable VT in whatever BIOS they’re using…

So will Apple produce its own hypervisor, or will it badge a third-party tool? My personal suspicion is that Apple doesn’t have the skills to write it’s own hypervisor (there are only a limited number of people with the deep combination of hardware internals and OS knowledge required, and they’re mainly at Microsoft and VMware) that they’ll announce a partnership with VMware at the WWDC. Unless Apple’s been hiring the Xen dev team on the sly…

Apple will quickly need to gain the high ground in managing virtualisation on their platform – as they’ll need to maintain contol of OS X running as a VM. Otherwise, will Apple be the first casualty of the hypervisor wars?

Technorati Tags: , , ,