
Virtualization Showdown at Black Hat

8/1/2008


Next week at the Black Hat conference in Las Vegas, security researcher Joanna Rutkowska promises to demonstrate how a malicious attacker, working remotely, could take control of the open-source Xen virtualization software.

If successful, Rutkowska and her team will be the first researchers to demonstrate how to compromise a Xen hypervisor, that crucial layer of virtualization software underneath all the virtualized environments running on a machine, one that provides direct connections to the processor, memory and hardware devices.

"Many people [have] argued that having a legitimate hypervisor installed prevents installation of virtualization-based malware. We will show that this is not the case," she said in an e-mail interview.

For the conference, Rutkowska will oversee three presentations, which will be given by herself, Rafal Wojtczuk and Alex Tereshkin. In addition to showing how to install the rootkit, they also plan to show how someone could bypass the security monitoring mechanisms that would normally detect such an attack. Finally, and perhaps most importantly, they will show how users could prevent such attacks.

Citrix Systems chief security strategist Kurt Roemer expects Rutkowska's disclosure to generate more publicity than it will prove to be a serious threat to operating instances of the software. He likens it to the "sensationalist attacks" that are frequently waged against virtualization software. Citrix offers a commercially supported version of Xen.

Roemer has not seen Rutkowska's presentation, but he does point out that the attack will probably rely upon the attacker having root access to the server running Xen. "That's not a normal model," he noted.

Rutkowska confirmed that root access is needed. Just as root access is needed to install a rootkit on a server, administrative access will be needed to breach Xen. Rutkowska argued, however, that her work is still important.

"Years ago other vendors tried to downplay the importance of ... [Microsoft] Windows kernel rootkits, saying that one needed to already be an administrator in order to install one. As we know, over the last couple of years, kernel rootkits became a very serious security problem," she commented.


