Researchers create stealth virtual machine that can run alongside insecure VMs
(via Instapaper)
I have been using virtualization since starting up on the job with Arcadia, and I am not going back. I love that machine state can be saved for archiving or reuse, or packaged as a product.
The piece I link to here presents a virtualization implementation that makes the virtual machine run in a stealthy fashion with respect to the host machine and other VMs. The tech is introduced as a way to run sensitive computations in a secured environment, which is nice. My take is that it can also be used for nefarious purposes: such a stealthy VM can be implanted by malware and then used as a fully-featured backdoor for snooping, illegal file storage and running payloads.
In addition, if the stealthy VM runs on a dedicated CPU core with a dedicated memory block, it can likely be detected by attempting to run a program that would make use of the full capabilities of the host system. In other words, the VM itself is not detected, but its resource usage cannot go unnoticed in all situations.
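
A sketch of the resource check described above, added here as an example (it is not code from the linked article or its researchers): load every logical CPU the host OS can schedule at once, then compare the result with the CPU count from the hardware inventory. The function names, the operator-supplied expected count, the 0.5 s run time and the 50% tolerance are all assumptions of this example.

```python
import os
import statistics
import sys
import time
from multiprocessing import Pool

def spin(cpu, seconds=0.5):
    """Pin this process to one logical CPU (Linux) and count busy-loop iterations."""
    if hasattr(os, "sched_setaffinity"):
        os.sched_setaffinity(0, {cpu})
    deadline = time.perf_counter() + seconds
    ops = 0
    while time.perf_counter() < deadline:
        ops += 1
    return cpu, ops

def measure(cpus):
    """Load all listed CPUs at the same time, one worker process per CPU."""
    with Pool(len(cpus)) as pool:
        return dict(pool.map(spin, cpus))

def find_shortfalls(expected_cpus, ops_by_cpu, tolerance=0.5):
    """Compare measured capacity with the hardware inventory.

    expected_cpus: logical CPU count from the hardware spec (operator-supplied).
    ops_by_cpu:    {cpu_id: iterations completed} as returned by measure().
    Returns ("missing", cpu) for CPUs the OS could not load and ("slow", cpu)
    for CPUs delivering less than tolerance * median throughput.
    """
    findings = [("missing", c) for c in range(expected_cpus) if c not in ops_by_cpu]
    if ops_by_cpu:
        floor = tolerance * statistics.median(ops_by_cpu.values())
        findings += [("slow", c) for c, n in sorted(ops_by_cpu.items()) if n < floor]
    return findings

if __name__ == "__main__":
    # CPUs the OS lets this process run on; fall back to a plain count elsewhere.
    visible = (sorted(os.sched_getaffinity(0)) if hasattr(os, "sched_getaffinity")
               else list(range(os.cpu_count())))
    # Expected count comes from the hardware spec, passed as the first argument.
    expected = int(sys.argv[1]) if len(sys.argv) > 1 else len(visible)
    for kind, cpu in find_shortfalls(expected, measure(visible)):
        print(f"{kind}: cpu{cpu}")
```

A finding is a lead to investigate rather than proof, since ordinary background load or power management can also slow a core.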