Rich Kulawiec on 8 Nov 2017 04:03:00 -0800
Re: [PLUG] small business server virtualization?

On Tue, Nov 07, 2017 at 11:54:47AM -0500, JP Vossen wrote:
> Complexity is the enemy of security, so simpler is better. Thus I
> can argue that it's much more likely that most hypervisors *will* be more
> secure and have fewer bugs than OS/apps because they are much simpler and
> probably change somewhat less.

There's some merit in this argument, but I don't find it entirely
convincing. We've seen plenty of bugs in ostensibly-simple code,
including some that lurked for years/decades before they were
publicly known.

There's another factor to consider here as well: where do adversaries
spend their time and effort? Probably not on lint or troff, because
even if it turns out there's a nasty bug in them, it's unlikely to
yield useful results. But a virtualization layer bug, now THAT would
be worth a lot -- particularly if it's exploitable from inside a
virtual host. If I were well-resourced $BADGUYS, I would have an
entire team of people working on this and little else: perhaps it has
a low probability of success, but it also has a very high reward.

> So I think there's more middle ground than Theo implies. That said, I
> personally don't trust virtualization for security, I use different physical
> machines on different physical network segments for separation.

Yes. I do the same -- often with firewalls between them.

---rsk
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug