This original post can be found here:
http://xato.net/bl/2007/08/22/vmware-guest-isolation-vulnerability/
Mark Burnett
http://xato.net
unpausing the VM? No scripting interface is needed. How about editing
the virtual disk image and replacing one of the cron scripts with a
shell-on-a-port? Rebooting the VM and going single user? If you control
the VMware process, you control the guest. Fully and Completely.
> Mark Burnett
> http://xato.net
Tim Newsham
http://www.thenewsh.com/~newsham/
theories that just about everyone was working with the NSA, would we have
had more doubts when the story originally broke? I think we would have. Will
we be more skeptical of the next accusation? Surely we will.
Mark Burnett
Refs:
http://cryptome.org/nsa-ip-update15.htm
http://xato.net/bl/2007/12/22/nsa-controls-internet/
Would you consider your machine locked down if someone could open
your computer case, yank the hard drive and attach new devices to the
system at will? Well, with a virtual machine they can do that while
the machine is running.
> Mark Burnett
> http://xato.net
Tim Newsham
http://www.thenewsh.com/~newsham/
e-mail attachment you send them, you can probably do anything you want on
their computer anyway.
Mark Burnett
http://xato.net
And you do not need to be logged in, the VIX API allows you to wait until
the command actually runs. So it can just sit there until the next time you
do login to the console.
Mark Burnett
http://xato.net
The NSA controls most of the Internet, or at least that's what they want you
to think
http://xato.net/bl/2007/12/22/nsa-controls-internet/
Mark Burnett
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@isatools.org]
But now there is.
Mark Burnett
http://xato.net
> Would you consider your machine locked down if someone could open
> your computer case, yank the hard drive and attach new devices to the
> system at will? Well, with a virtual machine they can do that while
> the machine is running.
>
> > Mark Burnett
> > http://xato.net
>
> Tim Newsham
> http://www.thenewsh.com/~newsham/
