Ok, so I wont say it:)
Seriously, though, there are some problems with this kind of technology:
1) you may have several "secure" virtual machines, but what if the OTHER non-secure VMs are comprimised, and are set to crack/infiltrate your secure VMs? You'd have crackers beating down your door, and they wouldn't even necessarily have to be pounding on some port...
2) unless you are doing SMP and have OTHER processors to split amongst these tasks, wouldn't several VMs on one machine slow the piss out of it, even with all the speed advances in processors, etc
3) unless the "task-switching" mechanism is built into the hardware, and the data for it are taken from some type of rom, you're risking the chance of one process getting under that very task-switching mechanism, like we used to do with tunneling interrupts, to get in UNDER the interrupt and get our routine called before/instead of the one that was intended. Afterward, the switching would be compromised, yeilding the possibility of nabbing "secure" data, or maybe giving a bogus VM false secure status, or how about even giving certain VMs a higher execution priority: you have a remote connection to a machine running your VM in addition to 7 others. You all are allotted an equal slice of time, but since you've "(task)switch-tunneled, you give your machine %75 percent of the allotted time, and leave the other poor bastards to fight over the remaining %25 percent. Apply that to a shared-resource business idea... Hmmm... wonder if that would help my frag count...
Slashdot Mirror
Maybe this has something to do with that nifty Self-assembling "nano-building" virus from a couple stories ago :)
"Wait, this isn't my drink! AARRGGHH!!"
Ok, so I wont say it :)
Seriously, though, there are some problems with this kind of technology:
1) you may have several "secure" virtual machines, but what if the OTHER non-secure VMs are comprimised, and are set to crack/infiltrate your secure VMs? You'd have crackers beating down your door, and they wouldn't even necessarily have to be pounding on some port...
2) unless you are doing SMP and have OTHER processors to split amongst these tasks, wouldn't several VMs on one machine slow the piss out of it, even with all the speed advances in processors, etc
3) unless the "task-switching" mechanism is built into the hardware, and the data for it are taken from some type of rom, you're risking the chance of one process getting under that very task-switching mechanism, like we used to do with tunneling interrupts, to get in UNDER the interrupt and get our routine called before/instead of the one that was intended. Afterward, the switching would be compromised, yeilding the possibility of nabbing "secure" data, or maybe giving a bogus VM false secure status, or how about even giving certain VMs a higher execution priority: you have a remote connection to a machine running your VM in addition to 7 others. You all are allotted an equal slice of time, but since you've "(task)switch-tunneled, you give your machine %75 percent of the allotted time, and leave the other poor bastards to fight over the remaining %25 percent. Apply that to a shared-resource business idea... Hmmm... wonder if that would help my frag count...