[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hidden service: Is it possible for an attacker to break out of a VM?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Hidden service: Is it possible for an attacker to break out of a VM?
From: Michael Gomboc <michael.gomboc@xxxxxxxxx>
Date: Thu, 7 Oct 2010 20:31:14 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 07 Oct 2010 20:31:24 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=4BVThDtsICwy/21YYwIr5VuGivVj30K++hpEvXfTwL8=; b=gZnqr5ZzFTe3KJ5vCztSUwRv4xQ/uBHadLvNbS3pZMEPkLCrFron0qwPWKzGenHzHa lZSl4443vf75d7YnCQ8684RqnvL2Y8Cgalvie8vHpEnwzynQlk3i6g2LbvT2wsijj8s8 e3bEnK5XYENLcj1CsB/MKcVM1JddjJdSEi/+8=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=aAfAjAeA3twU6IkH5FxGxid3Kc1/zTRtOO9AYOMsnpIOT1wsDvX8RIEIWtc3WC4bOZ 568buT/kE1sf9dd4HmpyVknB6egTijaC9dpe9BNaM6c7V+C/ewMgyk/vSpJ33coyzU/6 +cnpgS0KOqAz8ea5ruAdZZlei4QouX+VXUCcg=
In-reply-to: <N1-p1MKZWeDuD@xxxxxxxxxxxxx>
References: <N1-p1MKZWeDuD@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Hi!

If there is no back-door or bug in your VM software, how you wanna break out of the VM?

Even with root privileges you will be a prisoner within the VM.

Proof me wrong.

Michael

2010/10/7 <hikki@xxxxxxxxxxxxx>

The title says it all:

Several people recommend running a hidden service from within a VM,
to prevent attackers from doing side channel attacks and reading off your
hardware components and serial numbers.

Then I heard that attackers can actually break out of VM's if they get root
access on it due to a successful attack.

I just want your opinions on that one, thanks!
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/

--
Michael Gomboc
www.viajando.at
pgp-id: 0x5D41FDF8

Follow-Ups:
- Re: Hidden service: Is it possible for an attacker to break out of a VM?
  - From: andrew
- Re: Hidden service: Is it possible for an attacker to break out of a VM?
  - From: Eugen Leitl

References:
- Hidden service: Is it possible for an attacker to break out of a VM?
  - From: hikki

Prev by Author: Re: Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.
Next by Author: Re: Torbutton 1.3.0-alpha: Community Edition!
Previous by thread: Re: Hidden service: Is it possible for an attacker to break out of a VM?
Next by thread: Re: Hidden service: Is it possible for an attacker to break out of a VM?
Index(es):
- Author
- Thread