> On 28 Sep 2015, at 04:23, Eric Furman <ericfur...@fastmail.net> wrote: > > And then he states; "For me, this is a very nice blend > of security, manageability and convenience for my use-case." > This statement clearly demonstrates that he believes his > setup is secure. When, in fact, it is not. > That's why the security implications were brought up. > Hope this helps.
Interesting interpretation of the word 'blend' there. There is no such this as 'secure' in absolute terms. Attempting to believe this is just delusional. As I stated, and as you clearly quoted be staying, this a blend of security, manageability and convenience for *my use case*. I can see plenty of potential use-cases for OpenBSD running in a VM on a hypervisor for intra-vlan routing for VMs and general network utility. This has nothing at all to do with hypervisor security or the X86 architecture. > On 28 Sep 2015, at 01:34, Eric Furman <ericfur...@fastmail.net> wrote: > > OK, I read your blog. I see you are running this on x86 hardware. > X86 hardware provides NO real hardware virtualization. > You are clueless. Your VM and OpenBSD in the configuration > gives you NO added security. Just convenience. If that's all > you care about, fine, but don't delude yourself into thinking > that you are somehow adding security by running OpenBSD > in this fashion. > VM's give you no added security unless you are running them > on hardware that has been designed for that purpose, such > as IBM mainframes or the AS400. Probably some others > I'm leaving out, but NOT x86 hardware. > Just search for VM and security on the internets and see > what comes up. Secure they are not. You state you have read my blog, that I am running this setup on x86 hardware, and that I am clueless. You then mention AS/400 and IBM Mainframes. Really?! Am I also clueless in thinking my little HP Microserver can compete with hot swap CPUs? Did you really actually read my blog post? In what completely insane parallel universe does one compare a few hundred dollars worth of x86 kit occupying about 8 litres of space and quietly sipping a few tens of watts of power to even the most entry level iSeries or zSeries? I think this shows just how far off the mark this thread has come. -Matt â Matt Hamilton Quernus m...@quernus.co.uk +44 117 325 3025 64 Easton Business Centre Felix Road, Easton Bristol, BS5 0HE Quernus Ltd is a company registered in England and Wales. Registered number: 09076246
