Log in

View Full Version : Intel VT-x technology


TiGa
August 7th, 2007, 00:54
I've been reading about Intel Virtualization Technology lately.

It is supposed to completely isolate a VM from the host OS and prevent a guest OS from being aware it is run inside a VM.
It is supposed to be more secure by giving a VM direct hardware access.

NOTE: Intel never implies 100% reliability.

One of the independent papers I read:
http://altair.snu.ac.kr/newhome/kr/course/system_software/2005/SystemVM2.ppt

Do the VMX instructions really make a difference about how the VM is handled?
Could they prevent a program from noticing it is being run in a VM?

I would normally test this by myself but I am restricted by my hardware.
TiGa

TiGa
August 11th, 2007, 14:50
It looks like I've found an answer to my question by myself.

There is a good description of Vanderpool in a paper explaining the Vitriol rootkit:
http://www.theta44.org/software/HVM_Rootkits_ddz_bh-usa-06.pdf

Vitriol is the equivalant of Blue Pill for Intel cpus.
http://www.bluepillproject.org/

TiGa