Back to home

Commentary

Google Summer of Code Project, TinyVMI: Porting LibVMI to Mini-OS
09/05/2018

This blog post comes from Lele Ma, a Ph.D. student at William and Mary. He was recently a Google Summer of Code Intern working on the Honeynet Project.  Introduction This post introduces the project I worked on with Honeynet Project at Google Summer of Code this year. The project

The Xen Project is participating in 2018 Summer round of Outreachy
02/13/2018

This is a quick reminder that the Xen Project is again participating in Outreachy (May 2018 to August 2018 Round). Please check the Outreachy application page for more information. Outreach Program for Women has been helping women (cis and trans), trans men, and genderqueer people get involved in free and

My GSoC Experience: Allow Setting up Shared Memory Regions between VMs from xl Config File
08/29/2017

This blog was written by Zhongze Liu. Zhongze Liu is a student studying information security in Huazhong University of Science and Technology in Wuhan, China. He recently took part in GSoC 2017 where he worked closely with the Xen Project community on “Allowing Sharing Memory Regions between VMs from xl

My GSoC experience: Fuzzing the hypervisor
08/25/2017

This blog post was written by Felix Schmoll, currently studying Mechanical Engineering at ETH Zurich. After obtaining a Bachelor in Computer Science from Jacobs University he spent the summer working on fuzzing the hypervisor as a Google Summer of Code student. His main interests in code are low-level endeavours and

How To Shrink Attack Surfaces with a Hypervisor
02/16/2017

A software environment’s attack surface is defined as the sum of points in which an unauthorized user or malicious adversary can enter or extract data. The smaller the attack surface, the better. Linux.com recently sat down with Doug Goldstein (https://github.com/cardoe or @doug_goldstein) to discuss

What You Need to Know about Recent Xen Project Security Advisories
11/22/2016

Today the Xen Project announced eight security advisories: XSA-191 to XSA-198. The bulk of these security advisories were discovered and fixed during the hardening phase of the Xen Project Hypervisor 4.8 release (expected to come out in early December). The Xen Project has implemented a security-first approach when publishing

Will Docker Replace Virtual Machines?
08/11/2015

Docker is certainly the most influential open source project of the moment. Why is Docker so successful? Is it going to replace Virtual Machines? Will there be a big switch? If so, when? Let’s look at the past to understand the present and predict the future. Before virtual machines,

The Bare-Metal Hypervisor as a Platform for Innovation
07/08/2015

In this industry, everyone seems to talk about innovation, but very few platforms exist which foster innovation.  More times than not, “innovation” is simply a buzzword used by some marketing campaign to hawk something about as novel as twenty-year-old accounting software. Innovation does occur, of course.  But often

Hardening Hypervisors Against VENOM-Style Attacks
05/14/2015

This is a guest blog post by Tamas K. Lengyel, a long-time open source enthusiast and Xen contributor. Tamas works as a Senior Security Researcher at Novetta, while finishing his PhD on the topic of malware analysis and virtualization security at the University of Connecticut. The recent disclosure of the

7 Unikernel Projects to Take On Docker in 2015
04/20/2015

This is a reprint of a 3-part unikernel series published on Linux.com. In part one, Xen Project Advisory Board Chairman Lars Kurth takes a closer look at the rise of unikernels and several up-and-coming projects to keep close tabs on in the coming months. Docker and Linux container technologies

XSA-108: Not the vulnerability you're looking for
10/03/2014

There has an unusual amount of media attention to XSA-108 during the embargo period (which ended Wednesday) — far more than any of the previous security issues the Xen Project has reported. It began when a blogger complained that Amazon was telling customers it would be rebooting VMs in certain regions