[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Hidden service: Is it possible for an attacker to break out of a VM?
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Hidden service: Is it possible for an attacker to break out of a VM?
- From: Robert Ransom <rransom.8774@xxxxxxxxx>
- Date: Thu, 7 Oct 2010 17:45:41 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Thu, 07 Oct 2010 20:43:38 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type; bh=RiZnyIrHbSWBgyTvChotP64hfSOMyX98RZ2rCcU3o08=; b=BwheQS3WZbsXlxIdsU2QeWxS9giK8ZQnvYRR+C3G2oMj8rMyrQQan02yRmUioqr7fy iOjYCnS8hYAIrJGEeDb78Z12PGoPTChCK0EdJ2qY3iR6PwvhxB10a3JP7Zj5M+dsNMxw CAUskMl3TcidfnYZOTH0X4a9h+CHC2havU0bs=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type; b=UTLaWQPez1On354wmygkc7hSVfVJrTJ0TCh4/bE5DMFJ96D3igjO5f38nLOK/fkt1b l4gXLRAcLSlNAMJch0YAzXPadAc2ZPCUKlWwgLYbPgeI3NO1N5kFPltxZz1nGJQm2xR5 T8+SmhO8fADsY/kcxkuj7MveFXdVBXIdtgxZo=
- In-reply-to: <N1-p1MKZWeDuD@xxxxxxxxxxxxx>
- References: <N1-p1MKZWeDuD@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Thu, 7 Oct 2010 18:12:45 -0400
hikki@xxxxxxxxxxxxx wrote:
> Several people recommend running a hidden service from within a VM,
> to prevent attackers from doing side channel attacks and reading off your
> hardware components and serial numbers.
Using a VM doesn't prevent most side-channel attacks. It only blocks
access to a description of your hardware.
> Then I heard that attackers can actually break out of VM's if they get root
> access on it due to a successful attack.
It depends on the VM software you are using.
Robert Ransom
Attachment:
signature.asc
Description: PGP signature