On 24 November 2010 07:28, Brad Tilley <b...@16systems.com> wrote: > Nick Holland wrote: > >> what's changed? >> Layering? Nope. >> Crappy programming? Nope. >> Better hardware? not really. >> Features-before-security? Nope. > > Good points. The goals of virtualization are, easy management, power > savings, quick provisioning and deployment, redundancy, etc. When you > talk about security and virtualization at the guest level, the > prevailing attitude is, "If it gets hacked, we'll just restore it from a > known good snapshot... problem solved." > > I don't hear much talk at all about the host machine and security (the > real server that hosts all the pretend servers is just assumed to be > OK). There just seems to be a lot of trust in the vendors.
I'm waiting for the worm that specifically attacks ESX, or the like and takes out entire infrastructures that have been built on that trust. Shane
