icarus. I dont think the vendors are selling virtual machines as a silver bullet to solve the malware problem. Security research is simply another application of VM. Many IT admins use VM technology to consolidate their IT services onto one machine, instead of having a different physical machine for each service... VM is also VERY useful for software testing too....
Unfortunately, virtualization has a lot of security-related problems. It require constant revert to original state. Sandbox HIPS without virtualization (DefenseWall HIPS, GeSWall) gives much more security to their users compare to sandbox HIPS with virtualization (ex-Greenborder, SandboxIE,...).
6 comments :
GreenBorder / Virtualization -
Does it all go together with this article
Cant really agree more there. The simple version of this article could go as follows :
"On virtualisation : There is no silver bullet, try again"
Doublt this will stop vendors from trying to sell it as such silver bullet. Ah, we will see :)
icarus. I dont think the vendors are selling virtual machines as a silver bullet to solve the malware problem. Security research is simply another application of VM. Many IT admins use VM technology to consolidate their IT services onto one machine, instead of having a different physical machine for each service... VM is also VERY useful for software testing too....
//Steve Jackson
Malware Researcher
btw. Nice to see Google having a security related blog!!
//Steve
Security researchers use VMs because they have handy snapshot and revert features.
Some OSes have snapshot and revert features, but they are inconvenient to use.
I'd agree that VMs are just another container like processes, chroot jails, etc. which offer some security properties, but are not a magic bullet.
-chris wee
Unfortunately, virtualization has a lot of security-related problems. It require constant revert to original state. Sandbox HIPS without virtualization (DefenseWall HIPS, GeSWall) gives much more security to their users compare to sandbox HIPS with virtualization (ex-Greenborder, SandboxIE,...).
Post a Comment