an ominous comment

Georgi Guninski guninski at guninski.com
Sun Jul 19 06:54:45 PDT 2015


On Sun, Jul 19, 2015 at 10:15:38AM +0200, Florian Weimer wrote:
> * Georgi Guninski:
> 
> > You should be aware of the numerous virtualization
> > sploits -- Xen, Qemu, possibly others.
> >
> > Exploiting a virtualization bug is just the fee
> > "to be in cloud" and I _suspect_ more efforts
> > are needed for my boxen.
> 
> Not all service providers hand you the capability to run arbitrary
> code to run VM exploits, so you have to exploit an application bug
> first.  (And the application may even run on bare metal.)
> 
> Service providers can also provision VMs in such a way that customers
> can only attack themselves.

Really? Isn't this too expensive for times of crisis like this?

Anyway, me conjecture that there are plenty of bugs alive.



More information about the cypherpunks mailing list