Re: About Xen: maybe a reiterative question but ..

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: <richardtoohey@...>

To: Douglas A. Tutty <dtutty@...>

Cc: <misc@...>

Subject: Re: About Xen: maybe a reiterative question but ..

Date: Thursday, October 25, 2007 - 2:36 pm

Quoting "Douglas A. Tutty" :

> Problem: in your analogy, there is some limit to the number of bad guys

quoted text

> before they become obvious to local law-enforcement. In the computer
> case, best to consider the number of bad guys unlimited; you can only
> limit the _rate_ at which they try to attack via the net (physical
> security is back to the car analogy; how many datacentres do you need).
>
> Answer to your question:
>
> 4 cars, all dummies.
>
> Dress the diplomats up as cleaning staff and send them via public
> transit.
>
> This is where the analogy breaks down. The safety of the ambasidors
> relies on secrecy; if its blown, the bad guys will know which car the
> good guys are in and will blow it up. If it secrecy remains tight, they
> won't know your plans whatever they are.
>
> Doug.
>

I would have thought this is further evidence of the analogy not being too bad.
You are relying on secrecy - if that is blown, you're screwed across the board
- all four ambassadors. So for virtualisation, you are relying on the separate
application domains being partitioned off from each other - and if that is
blown, you're screwed across the board again. In both cases, the failure could
be malicious (bad guy tortures the maid for information / hacker gets into
system) or accidental (toxic leak on subway / some interaction between guest
process and host triggers previously undiscovered bug.)

But instead of going all James Bond-ish - I could have said is having all your
eggs in one basket more secure?

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 4:18 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 9:31 am)

Re: About Xen: maybe a reiterative question but .., Dave Anderson, (Wed Oct 24, 11:45 am)

Re: About Xen: maybe a reiterative question but .., Lars Hansson, (Thu Oct 25, 12:50 am)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 11:12 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 1:48 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 2:03 pm)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 2:41 pm)

Re: About Xen: maybe a reiterative question but .., Darren Spruell, (Wed Oct 24, 3:27 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 4:16 pm)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Wed Oct 24, 4:37 pm)

Re: About Xen: maybe a reiterative question but .., Darren Spruell, (Wed Oct 24, 9:46 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 4:48 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 3:46 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 4:31 pm)

Re: About Xen: maybe a reiterative question but .., Kevin Stam, (Wed Oct 24, 5:04 pm)

Re: About Xen: maybe a reiterative question but .., Lars Noodén, (Thu Oct 25, 2:14 am)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 3:28 am)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 3:37 am)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Thu Oct 25, 9:16 am)

Re: About Xen: maybe a reiterative question but .., , (Thu Oct 25, 2:36 pm)

Hardware support for secure virtualization (was: About Xen: ..., Rodrigo V. Raimundo, (Thu Oct 25, 6:50 am)

Re: Hardware support for secure virtualization (was: About X..., Stuart Henderson, (Thu Oct 25, 7:13 am)

Re: About Xen: maybe a reiterative question but .., Lars Noodén, (Thu Oct 25, 4:00 am)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 4:06 am)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 5:41 pm)

Re: About Xen: maybe a reiterative question but .. , Jack J. Woehr, (Wed Oct 24, 6:52 pm)

Re: About Xen: maybe a reiterative question but .., Daniel Ouellet, (Wed Oct 24, 5:19 pm)

Re: About Xen: maybe a reiterative question but .., Paul de Weerd, (Wed Oct 24, 3:22 pm)

Re: About Xen: maybe a reiterative question but .., Matthew Weigel, (Wed Oct 24, 6:35 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 2:57 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 4:48 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 5:31 pm)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 5:59 pm)

Re: About Xen: maybe a reiterative question but .., Steve Shockley, (Wed Oct 24, 9:53 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 11:02 am)

Re: About Xen: maybe a reiterative question but .., Brian, (Wed Oct 24, 8:06 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 9:14 pm)

Re: About Xen: maybe a reiterative question but .., Damien Miller, (Wed Oct 24, 10:01 pm)

Re: About Xen: maybe a reiterative question but .., Adam Getchell, (Thu Oct 25, 10:30 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 12:11 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 9:46 pm)

Re: About Xen: maybe a reiterative question but .., Brian, (Wed Oct 24, 9:51 pm)

Re: About Xen: maybe a reiterative question but .., Damien Miller, (Wed Oct 24, 10:05 pm)

Re: About Xen: maybe a reiterative question but .., Tony Abernethy, (Wed Oct 24, 11:07 pm)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Thu Oct 25, 9:04 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 12:09 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 10:01 pm)

Re: About Xen: maybe a reiterative question but .., Tom Van Looy, (Thu Oct 25, 12:54 pm)

Re: About Xen: maybe a reiterative question but .., Subcommander l0r3zz, (Thu Oct 25, 4:36 pm)

Re: About Xen: maybe a reiterative question but .., Matt Rowley, (Fri Oct 26, 8:34 am)

Re: About Xen: maybe a reiterative question but .., Subcommander l0r3zz, (Fri Oct 26, 1:23 pm)

Re: About Xen: maybe a reiterative question but .. , Jeremy Huiskamp, (Wed Oct 24, 7:52 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 9:27 pm)

Re: About Xen: maybe a reiterative question but .., Shawn K. Quinn, (Sun Oct 28, 2:29 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Sun Oct 28, 5:34 pm)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Sun Oct 28, 6:18 pm)

Re: About Xen: maybe a reiterative question but .., Nick Holland, (Sun Oct 28, 10:31 pm)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Mon Oct 29, 8:43 am)

Re: About Xen: maybe a reiterative question but .., bofh, (Mon Oct 29, 9:11 am)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Mon Oct 29, 4:26 pm)

Re: About Xen: maybe a reiterative question but .., Balázs, (Mon Oct 29, 11:56 pm)

Re: About Xen: maybe a reiterative question but .., Karsten McMinn, (Thu Oct 25, 12:15 am)

Re: About Xen: maybe a reiterative question but .. , Tony Abernethy, (Wed Oct 24, 6:27 pm)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 6:44 pm)

Re: About Xen: maybe a reiterative question but .., Darrin Chandler, (Wed Oct 24, 8:43 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 9:20 pm)

Re: About Xen: maybe a reiterative question but .., Darrin Chandler, (Wed Oct 24, 9:54 pm)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Wed Oct 24, 9:57 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 10:06 am)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Thu Oct 25, 12:23 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 1:43 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 12:26 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 5:26 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 6:00 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 6:14 pm)

Re: About Xen: maybe a reiterative question but .., Paul de Weerd, (Wed Oct 24, 10:50 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 1:16 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 1:45 pm)

Re: About Xen: maybe a reiterative question but .., Adam Getchell, (Wed Oct 24, 12:46 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 12:59 pm)

Re: About Xen: maybe a reiterative question but .. , Jack J. Woehr, (Wed Oct 24, 1:14 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 3:39 pm)

Re: About Xen: maybe a reiterative question but .., Marc Espie, (Wed Oct 24, 1:44 pm)

Navigation

Popular discussions


linux-kernel:
Andreas Gruenbacher	Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching
Alan Cox	Re: [patch 7/8] fdmap v2 - implement sys_socket2
Jens Axboe	Re: regression: CD burning (k3b) went broke
Paul E. McKenney	Re: [PATCH 0/24] make atomic_read() behave consistently across all architectures
git:

linux-netdev:
KOSAKI Motohiro	[bug?] tg3: Failed to load firmware "tigon/tg3_tso.bin"
David Miller	[GIT]: Networking
Alexey Dobriyan	[PATCH 09/33] netns ct: per-netns /proc/net/nf_conntrack, /proc/net/stat/nf_conntr...
Gerrit Renker	[PATCH 18/37] dccp: Support for Mandatory options
openbsd-misc:

Colocation donated by:

Online users

Alirezasaberi

Syndicate