> You have failed to satisfactorily explain why running a specific application
quoted text
> in a VM is more secure then running it in a standard OS. It's nonsense that
> you think it's more secure that way. It saves a lot of money, yes -- you
> don't necessarily want a separate box just to run an application - but
> that's not the debate here. The debate is about security, and I'm amazed
> that you think a virtual environment is somehow more secure then a dedicated
> non-virtual environment.

It's that extra 4MB of poo code, that is what makes it more secure.

It's slippery and sticky at the same time, so that the application
attackers slip and slide and fall into the page boundaries.

If the actual hardware let us do more isolation than we do today, we
would actually do it in our operating system.

The problem is the hardware DOES NOT actually give us more isolation
abilities, therefore the VM does not actually do anything what the say
they do.

While x86 hardware has the same page-protection hardware that an IBM
390 architecture machine has, modern PC machines are a mess.  They are
architecturally so dirty, that parts of the video, keyboard, and other
IO devices are interfaced with even to do simple things like context
switching processes and handling interrupts.  Those of us who have
experience with the gory bits of the x86 architecture can clearly say
that we know what would be involved in virtualizing it, and if it was
so simple, we would not still be fixing bugs in the exact same area in
our operating system going on 12 years.

We know what a VM operating system has to do to deal with the PC
architecture.  It is too complex to get perfectly right.

And now you've entered into the layered approach where *any error* in
the PC model exposed to the client operating system is not just a
crashing bug -- it is now exploitable.

It might be nice, but it is stupid.  And anyone who thinks there is
any security advantage at any level knows nothing about PC
architecture.