Quoting "Douglas A. Tutty" <[EMAIL PROTECTED]>: > Problem: in your analogy, there is some limit to the number of bad guys > before they become obvious to local law-enforcement. In the computer > case, best to consider the number of bad guys unlimited; you can only > limit the _rate_ at which they try to attack via the net (physical > security is back to the car analogy; how many datacentres do you need). > > Answer to your question: > > 4 cars, all dummies. > > Dress the diplomats up as cleaning staff and send them via public > transit. > > This is where the analogy breaks down. The safety of the ambasidors > relies on secrecy; if its blown, the bad guys will know which car the > good guys are in and will blow it up. If it secrecy remains tight, they > won't know your plans whatever they are. > > Doug. >
I would have thought this is further evidence of the analogy not being too bad. You are relying on secrecy - if that is blown, you're screwed across the board - all four ambassadors. So for virtualisation, you are relying on the separate application domains being partitioned off from each other - and if that is blown, you're screwed across the board again. In both cases, the failure could be malicious (bad guy tortures the maid for information / hacker gets into system) or accidental (toxic leak on subway / some interaction between guest process and host triggers previously undiscovered bug.) But instead of going all James Bond-ish - I could have said is having all your eggs in one basket more secure?
