vm   13020

« earlier    

Qubes OS: A reasonably secure operating system
"Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called qubes.

This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised won’t affect the others. For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking. This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities won’t be at risk. Similarly, if you’re concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use disposable qube. In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.

Moreover, all of these isolated qubes are integrated into a single, usable system. Programs are isolated in their own separate qubes, but all windows are displayed in a single, unified desktop environment with unforgeable colored window borders so that you can easily identify windows from different security levels. Common attack vectors like network cards and USB controllers are isolated in their own hardware qubes while their functionality is preserved through secure networking, firewalls, and USB device management. Integrated file and clipboard copy and paste operations make it easy to work across various qubes without compromising security. The innovative Template system separates software installation from software use, allowing qubes to share a root filesystem without sacrificing security (and saving disk space, to boot). (...)"
privacy  security  opensource  linux  os  vm 
yesterday by eric.brechemier
Free Cloud Shell!
So apparently google provides you with a free debian 7 VM with 5GB persistent home directory (though if you disconnect any apps temporarily installed get blown away if not in $home) if you have a valid gmail account. Not quite raining shells but...
google  cloud  VM  debian  shell  account  security  hacking  pentesting 
yesterday by asteroza
KVM LVM backup, cloning, and more
This enables us to make reliable backups of a virtual machine’s disk even while the virtual machine is running, by simply backing up the snapshot rather than the main disk. The first step is creating the snapshot. [...]
backup  kvm  lvm  cloning  virtualization  vm 
9 days ago by dusko
VMBK.pl - Backup script for VMWare ESX
Backup script for VMWare ESX :

What is vmbk?
It's a perl script procedure to permit VMWare ESX guest's hot backup.

How it works?
It uses the ESX functions in order to create a REDO LOG Disk, in order to allow the backup of the disk through VMFSTOOLS command.
backup  vmware  vm  virtualization  perl  shell  cli 
9 days ago by dusko
Remus provides transparent, comprehensive high availability to ordinary virtual machines running on the Xen virtual machine monitor. It does this by maintaining a completely up-to-date copy of a running VM on a backup server, which automatically activates if the primary server fails.
sysadmin  xen  kvm  vm  virtualization 
9 days ago by dusko
The Dex File Format
Learn about the Dex file format through an in-depth example and how minification and obfuscation lead to a better Android application.
Android  dex  vm 
11 days ago by lenciel
Researchers steal data from CPU cache shared by two VMs • The Register
A paper titled Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud (PDF) explains the challenges of extracting data from CPU cache, a very contested resource in which the OS, the hypervisor and applications all conduct frequent operations. All that activity makes a lot of noise, defying attempts to create a persistent communications channel.

Until now, as the researchers claim they've built “a high-throughput covert channel [that] can sustain transmission rates of more than 45 KBps on Amazon EC2”. They've even encrypted it: the technique establishes a TCP network within the cache and transmits data using SSH.
aws  cloud  cpu  exploit  cybersecurity  vm  spectre  meltdown 
13 days ago by bwiese

« earlier    

related tags

10  1and1  2017  5*  accessibility  account  additions  alex  alternative  amazon  android  ansible  app-engine  architecture  article  ass  assembler  assembleur  automation  aws  azure  backup  badtech  beam  binary  bitcoin  blockchain  blocks  blog  bootcamp  box  browser  buch  bug  burst  clearos  cli  cloning  cloud  commercial  computers  computing  container  containers  containrs  cop3402  copy.on.write  course  cpu  cpus  creation  crio  cybersecurity  debian  deployment  desktop  dev  development  devops  dex  distros  docker  docs  documentation  ec2  edge  education  elixir  embedded  environment  erlang  esxi  etsy  exploit  faq  floss  folder  freenas  fridayfrontend  functions  games  gc  gce  gcp  glusterfs  google-cloud  google  gpu  guest  hacking  hosting  howto  https  hyper-v  hypervisor  iaas  illumos  image  in  intel  io  ios  iot  isolation  java  javascript  jenkins  joyent  js  jvm  kubernetes  kvm  l1  learn  letsencrypt  level1linux  level1techs  libvirt  lightvm  linode  linux  low-level  lpt  lua  lvm  lxc  lxd  mac-os-x  mac  machine  macos  mailserver  maintenance  management  manager  meltdown  mesos  microsoft  migration  mmu  mongodb  nestingvm  network  networking  nodejs  nt  objective-c  opensource  operations  oracle  os  osx  ovh  pain  paper  pass  pcie  pentesting  performance  perl  php  platform  pocket  prgmr  pricing  privacy  processor  programmierung  programming  provisioning  proxmox  python  qa  racket  rkt  rsnapshot  rsync  runtime  scheme  script  security  server  servergraph  serverpilot  shared  shell  software  solaris  spectre  sr-iov  ssl  startup-script  sysadmin  technology  terraform  test  testing  the  thru  tools  training  tutorial  ubuntu  ucloud  unikernel  using  vagrant  vdi  virtual-box  virtual  virtualbox  virtualenv  virtualisation  virtualization  visualstudio  vmware  vps  web  webassembly  win  windows  windows_10  windwos  xen  zimbra 

Copy this bookmark: