an ominous comment
Florian Weimer
fw at deneb.enyo.de
Sun Jul 19 01:15:38 PDT 2015
* Georgi Guninski:
> You should be aware of the numerous virtualization
> sploits -- Xen, Qemu, possibly others.
>
> Exploiting a virtualization bug is just the fee
> "to be in cloud" and I _suspect_ more efforts
> are needed for my boxen.
Not all service providers hand you the capability to run arbitrary
code to run VM exploits, so you have to exploit an application bug
first. (And the application may even run on bare metal.)
Service providers can also provision VMs in such a way that customers
can only attack themselves.
More information about the cypherpunks
mailing list