Joana Rutkowska and her team presented very interesting insights on Xen security, as well as attacks against it, at this years Black Hat conference in Las Vegas.
In a trilogy of talks(“Xen 0wning trilogy”), they gave information about “Subverting the Xen Hypervisor”, “Detecting and preventing the Xen hypervisor subversions”, as well as “Bluepilling the Xen hypervisor”.
In a final comment in her blog about the talks, Joana concludes: “It’s worth noting that we chose Xen as the target not because we think it’s insecure and worthless. On the contrary, we believe Xen is the most secure bare-metal hypervisor out there (especially with all the goodies in the upcoming Xen 3.3). Still we believe that it needs some improvements when it comes to security.”
Sounds like a nice last word 🙂
Read some of the highlights of the talks explained by Joana.
Read more
In safety-critical industries like automotive and industrial systems, trust is non-negotiable. When building software that controls critical hardware, like braking systems or factory automation, you need confidence. The software must behave exactly as intended. Every time. On the actual device. That's why the Xen Project is investing in
The annual Xen Summit is right around the corner, and there has never been a more exciting time to be part of the Xen Project. As enterprise and industrial needs shift and proprietary vendors rethink their licensing, the industry is ready for strong, open alternatives. Xen stands out not only
Xen is open, secure, and built for the future. As the new Community Manager, I’m focused on growing the Xen community, welcoming new contributors, and ensuring a thriving ecosystem. Let’s build the future of virtualization together!
The Xen Project has released Xen 4.20 🎉! This release introduces a range of enhancements that further solidify its position as the premier open-source hypervisor. It delivers important security updates, improved performance, and broader hardware support. Xen has doubled down as the best choice for cloud providers, enterprise users, and