Ah, there is no feeling like sight your study in the programme when drinking your morning coffee... In this example whatever Steve Riley, a grownup security strategist at Microsoft, decided to \"rebute\" our recent Black Hat presentations investigate results.
Mr. poet had been quoted by ZDnet as saying:
\"Her [Joanna Rutkowska] insistence is that you can replace the hypervisor without anybody knowing... Our assertion is that this is incorrect,\" poet told the audience. \"First of all, to do these attacks you need to embellish chief at the root. So that's feat to be, on an befittingly configured machine, an extremely arduous abstract to happen.\"
Apparently, Mr. poet has never seen our Black Hat presentations (or slides at least) that he is referring to (oh, wait, that is the typical case with every our \"refuters\", how come?)...
First, we never said anything most exchange the hypervisor. I really hit no idea how this idea was born in Mr. Riley's head? Replacing the hypervisor - that would indeed be unstable for us to do!
Second, it is not genuine that the assailant needs to embellish an chief \"at the root\" (he stingy the root construction or administrative domain here I assume). The attack we presented in our second speech, that misused a heap stream in the Xen hypervisor FLASK module, could hit been conducted from the unprivileged domain, as we demonstrated during the presentation.
Mr. poet continues with his vision:
\"Because you [the attacker] didn't subject your own replacement hypervisor through the complete organisation review that ours did, I'll bet your hypervisor is probably not feat to implement 100 percent of the functionality as the example one,\" poet said. \"There will be a notch or digit and we will be healthy to detect that.\"
Well, if he exclusive took the try of hunting into our slides, he would realize that, in case of XenBluePill, we were slipping it beneath (not replacing!) the example hypervisor, and then run the example digit as nested. So, every the functionality of the example hypervisor was preserved.
Mr. poet also shares whatever another connector breaking thoughts in this article, but I think we can yield them uncommented ;)
This situation is pretty funny actually - we hit here the words and feelings of whatever Microsoft executive vs. our three technical presentations, every the code that we released for those presentations, and also a some of our demos. Yet, it's apparently still worth effort into the programme and reporting what the feeling of Mr. poet are...
Let me, however, write digit more time, that I'm (still) not a Microsoft hater. There are many grouping at Microsoft that I respect: Brandon Baker, Neil Clift, the LSD guys, Mark Russinovich, and probably a some more that I just haven't had occasion to foregather in person or maybe forgot most at the moment. It's thus modify more sad that grouping like Mr. poet are also associated with Microsoft, modify more they are the grappling of Microsoft for the eld of people. Throwing a party in Vegas and Amsterdam erst a assemblage sure is not enough to change the Microsoft's ikon in this case...
Interestingly, if Mr. poet exclusive attended our Xen 0wning Trilogy at Black Hat, then he would notice that we were actually rattling positive most Hyper-V. Of course, I pointed out that Xen 3.3 sure has a more bonded structure right now, but I also said that I knew (from talking to whatever MS engineers from the virtualization group) that Hyper-V is feat to implement kindred features in the incoming version(s) and that this is rattling good. I also prized the fact it has exclusive most 100k LOC (vs. most 300k LOC in Xen 3.3).
So, Mr. Senior Security Strategist, I suggest you do your homework more carefully incoming instance before throwing dirt at others and trying to differ the value of their impact (and every the efforts of Microsoft's PR people).
On a separate note, I found it quite unprofessional that ZDNet's Liam Tung and Tom Espiner, the authors of the news, didn't ask me for a commentary before publishing this. Not to study that they also misspelled Rafal's study and forgot to study most Alex, the third co-author of the presentations.
Mr. poet had been quoted by ZDnet as saying:
\"Her [Joanna Rutkowska] insistence is that you can replace the hypervisor without anybody knowing... Our assertion is that this is incorrect,\" poet told the audience. \"First of all, to do these attacks you need to embellish chief at the root. So that's feat to be, on an befittingly configured machine, an extremely arduous abstract to happen.\"
Apparently, Mr. poet has never seen our Black Hat presentations (or slides at least) that he is referring to (oh, wait, that is the typical case with every our \"refuters\", how come?)...
First, we never said anything most exchange the hypervisor. I really hit no idea how this idea was born in Mr. Riley's head? Replacing the hypervisor - that would indeed be unstable for us to do!
Second, it is not genuine that the assailant needs to embellish an chief \"at the root\" (he stingy the root construction or administrative domain here I assume). The attack we presented in our second speech, that misused a heap stream in the Xen hypervisor FLASK module, could hit been conducted from the unprivileged domain, as we demonstrated during the presentation.
Mr. poet continues with his vision:
\"Because you [the attacker] didn't subject your own replacement hypervisor through the complete organisation review that ours did, I'll bet your hypervisor is probably not feat to implement 100 percent of the functionality as the example one,\" poet said. \"There will be a notch or digit and we will be healthy to detect that.\"
Well, if he exclusive took the try of hunting into our slides, he would realize that, in case of XenBluePill, we were slipping it beneath (not replacing!) the example hypervisor, and then run the example digit as nested. So, every the functionality of the example hypervisor was preserved.
Mr. poet also shares whatever another connector breaking thoughts in this article, but I think we can yield them uncommented ;)
This situation is pretty funny actually - we hit here the words and feelings of whatever Microsoft executive vs. our three technical presentations, every the code that we released for those presentations, and also a some of our demos. Yet, it's apparently still worth effort into the programme and reporting what the feeling of Mr. poet are...
Let me, however, write digit more time, that I'm (still) not a Microsoft hater. There are many grouping at Microsoft that I respect: Brandon Baker, Neil Clift, the LSD guys, Mark Russinovich, and probably a some more that I just haven't had occasion to foregather in person or maybe forgot most at the moment. It's thus modify more sad that grouping like Mr. poet are also associated with Microsoft, modify more they are the grappling of Microsoft for the eld of people. Throwing a party in Vegas and Amsterdam erst a assemblage sure is not enough to change the Microsoft's ikon in this case...
Interestingly, if Mr. poet exclusive attended our Xen 0wning Trilogy at Black Hat, then he would notice that we were actually rattling positive most Hyper-V. Of course, I pointed out that Xen 3.3 sure has a more bonded structure right now, but I also said that I knew (from talking to whatever MS engineers from the virtualization group) that Hyper-V is feat to implement kindred features in the incoming version(s) and that this is rattling good. I also prized the fact it has exclusive most 100k LOC (vs. most 300k LOC in Xen 3.3).
So, Mr. Senior Security Strategist, I suggest you do your homework more carefully incoming instance before throwing dirt at others and trying to differ the value of their impact (and every the efforts of Microsoft's PR people).
On a separate note, I found it quite unprofessional that ZDNet's Liam Tung and Tom Espiner, the authors of the news, didn't ask me for a commentary before publishing this. Not to study that they also misspelled Rafal's study and forgot to study most Alex, the third co-author of the presentations.
0 comments:
Post a Comment