Chris, thanks for for sharing the link. If this stuff is true, it
could pose some serious problems for Amazon or any other Xen hosters..
ruv
These papers assume access to hypervisor, AMI instances(domU) do not have access to it.
None of the Amazon dom0s are network accessible. Most likely the dom0
is tied to a completely separate NIC and remote access to it is mostly
impossible without a major good on Amazon's part. If they are being
particularly paranoid they are likely pro-actively scanning to make
sure none of their dom0s suddenly become accessible.
I'd be most concerned about mis-configuration issues that expose the
dom0 or insider attacks. Either one is fairly unlikely in the grand
scheme of things.
--Randy
Randy Bias, Founder, CloudScale
(877) 636-8589, ran...@cloudscale.net
blog: http://neotactics.com/blog
Sassa
2008/8/9 Khazret Sapenov <sap...@gmail.com>: