In this article, we want to provide you with a closer look under the hood of our VirtualBox KVM variant for Linux we just released on GitHub. It replaces the original VirtualBox kernel module with a backend implementation for the KVM hypervisor provided by Linux.
Today we are announcing the open-source release of our KVM backend for Virtualbox.
Physical Infrastructure in the real-world has a much longer lifetime than software systems. This presents a number of challenges to operators: Hardware components fail at some point while spare parts are no longer available and need to be replaced by modern alternatives. Old software lacks support for modern components and a major software upgrade is required for continuing operation. Learn how this gap can be mediated and what can be done to solve this issue long-term.
The thesis presents modifications to Hedron and an associated runtime system. Together, these components enable the concurrent execution of Hedron-native applications and unmodified foreign applications using Linux programs as an example. This allows to reuse the established toolchains and developing new software for Hedron with them. Furthermore, Linux programs are supported that contain additionally Hedron-native system calls. I call them hybrid applications. This mechanism enables to communicate directly with interfaces of Hedron's runtime environment from foreign applications.
HoTSoS identifies itself as research event centered on the Science of Security, which aims to address the fundamental problems of security in a principled manner. Because the seminal Spectre paper won NSA's Best Scientific Cybersecurity Paper Competition last year, its authors were invited to give a keynote speech at the symposium. Given that the corresponding vulnerabilities were disclosed to Intel almost 4 years ago, we (the authors) decided to take a step back and to look, in HotSoS' spirit, at the fundamental problems. We (Cyberus Technology) feel deeply honoured that we were entrusted with delivering the talk and want to give you a sneak preview of what to expect.
Cyberus Technology Presents new Perspectives on Virtual Machine Introspection at Biggest German IT Security Congress
Compromised software of the trusted compute base is a major challenge as it allows attackers to fly under the radar. VMI provides for defense-in-depth and enables event-driven response in a sandbox environment