Xen security research results presented

Joana Rutkowska and her team presented very interesting insights on Xen security, as well as attacks against it, at this years Black Hat conference in Las Vegas.

In a trilogy of talks(“Xen 0wning trilogy”), they gave information about “Subverting the Xen Hypervisor”, “Detecting and preventing the Xen hypervisor subversions”, as well as “Bluepilling the Xen hypervisor”.

In a final comment in her blog about the talks, Joana concludes: “It’s worth noting that we chose Xen as the target not because we think it’s insecure and worthless. On the contrary, we believe Xen is the most secure bare-metal hypervisor out there (especially with all the goodies in the upcoming Xen 3.3). Still we believe that it needs some improvements when it comes to security.”

Sounds like a nice last word :)

Read some of the highlights of the talks explained by Joana.