This talk was given by Raul Tosa & Daniel Ticle, Bitdefender at the Xen Developer and Design Summit in July 2020. In July, Bitdefender open sourced Hypervisor Memory Introspection (HVMI)….
Read More
This document has been updated since it was published! Updates are marked in blue. On January 3rd, 2018, Google’s Project Zero announced several information leak vulnerabilities affecting all modern superscalar…
Updated to v3 on Dec 12th! Google’s Project Zero announced several information leak vulnerabilities affecting all modern superscalar processors. Details can be found on their blog, and in the Xen…
Today we released three patches for the following vulnerabilities: XSA-213, XSA-214 and XSA-215. Xen Project follows industry-accepted best practices regarding software security. This includes observing an embargo period, during which…
Let’s take a step back and look at the current state of virtualization in the software industry. X86 hypervisors were built to run a few different operating systems on the…
The article from Lars Kurth, the Xen Project chairperson, was first published on Linux.com. A few weeks ago, Citrix and Bitdefender launched XenServer 7 and Bitdefender Hypervisor Introspection, which together…
This is a guest blog post by Rich Persaud, former member of the Citrix XenServer and XenClient engineering and business teams. He is currently a consultant to BAE Systems, working…
We’ve just released a rather interesting batch of Xen security advisories. This has given rise in some quarters to grumbling around Xen not taking security seriously. I have a longstanding…
The security threats we’re facing today are becoming increasingly sophisticated. Rootkits, and malware taking advantage of kernel and 0-day vulnerabilities pose especially serious challenges for classic anti-malware solutions, due to…
Yes, apparently Schrödinger’s cat is alive, as the latest release of Fedora — Fedora 19, codename Schrödinger’s cat– as been released on July 2nd, and that even happened quite on time. So, apparently, putting the cat “in a box” and all the stuff was way too easy, and that’s why we are bringing the challenge to the next level: do you dare putting Schrödinger’s cat “in a virtual box”?
In other words, do you dare install Fedora 19 within a Xen virtual machine? And if yes, how about doing that using Fedora 19 itself as Dom0?
Henning Sprang, Mark Williamson, and I discussed the issue of people reporting bugs in the Bugzilla system with no guarantee that anyone was watching or working on the Bugzilla system….