On 07/13/2017 08:02 PM, Marek Marczykowski-Górecki wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Thu, Jul 13, 2017 at 04:45:35PM -0700, pixel fairy wrote:
>> On Friday, July 7, 2017 at 1:20:10 PM UTC-7, Chris Laprise wrote:
>>>
>>> I know Joanna's reservations about VM introspection, but this
>>> Bitdefender introspection example is interesting nonetheless:
>>>
>>>
>>>
https://businessinsights.bitdefender.com/hypervisor-introspection-defeated-enternalblue-a-priori
>>>
>>
>> Im curious about these reservations. is it the attack surface?
>
> Yes, at least two kinds:
> 1. Enabling API for reading VM memory break VM isolation - misbehaving
> monitoring VM can steal any secret and you'll never know
If scanning VM instance (template based) could be granted access to only
one subject VM, risk may not be terribly different from a disposable VM
used to render documents.
This can also be approximated to some degree when scanning the private
storage of a subject VM... the attach function permits access to nothing
else, and the scanner's state will disappear after it issues a
(hopefully not false-negative) report and shuts down.
A template-based VM may also perform checks on its own private storage
as its mounted, as I'm exploring in a simple way with Qubes-VM-hardening.
But 'attaching' a subject VM's memory as if it were a read-only drive
would be a nifty thing to see.*
> 2. Parsing VM memory (operating system structures, application
> structures etc) is very complex - VM that know it is monitored can try
> exploit the parsing code; then go to point 1 for example
>
> As for examples what could possibly go wrong when adding anti-virus
> parsing whatever it can find, see here:
>
https://bugs.chromium.org/p/project-zero/issues/detail?id=1252
Of course, but recognizing browser + traditional OS threat model is
somewhat different vs Qubes disposable VMs.
(* Not suggesting feature requests; just want to explore possibilities.)