On Sun, Apr 10, 2011 at 4:19 PM, Kuniyasu Suzaki <k.suzaki@xxxxxxxxxx> wrote: > > From: Avi Kivity <avi@xxxxxxxxxx> > Subject: Re: EuroSec'11 Presentation > Date: Sun, 10 Apr 2011 17:49:52 +0300 > >> On 04/10/2011 05:23 PM, Kuniyasu Suzaki wrote: >> > Dear, >> > >> > I made a presentation about memory disclosure attack on SKM (Kernel >> > Samepage Merging) with KVM at EuroSec 2011. >> > The titile is "Memory Deduplication as a Threat to the Guest OS". >> > http://www.iseclab.org/eurosec-2011/program.html >> > >> > The slide is downloadbale. >> > http://www.slideshare.net/suzaki/eurosec2011-slide-memory-deduplication >> > The paper will be downloadble form ACM Digital Library. >> > >> > Please tell me, if you have comments. Thank you. >> >> Very interesting presentation. It seems every time you share something, >> it become a target for attacks. > > I'm happy to hear your comments. > The referee's comment was severe. It said there was not brand-new > point, but there are real attack experiences. My paper was just > evaluated the detction on apahce2 and sshd on Linux Guest OS and > Firefox and IE6 on Windows Guest OS. If I have a VM on the same physical host as someone else I may be able to determine which programs and specific versions they are currently running. Is there some creative attack using this technique that I'm missing? I don't see many serious threats. Stefan -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
