From: Paolo Bonzini <pbonzini@redhat.com>
To: "Bud P. Bruegger" <bruegger@ancitel.it>
Cc: qemu-devel@nongnu.org, John Forrester <forrester@ancitel.it>
Subject: [Qemu-devel] Re: QEMU as a "virtual smart card"?
Date: Wed, 02 Sep 2009 08:58:21 +0200 [thread overview]
Message-ID: <4A9E178D.90804@redhat.com> (raw)
In-Reply-To: <20090831180825.6ed2ea55@bud-laptop>
> At least looking naively at QEMU, it seems that its CPU and RAM are
> well protected from the host operating system--in a way to say make it
> practically impossible for some malware to extract the secret key used
> in a virtual machine.
I don't understand: the host operating system, by definition, can see
everything. A privileged process (i.e. running as root) can always look
at /dev/mem and read info about QEMU's CPU and RAM.
> We are also interested in the isolation of input devices, in
> particularly the keyboard as to prevent PIN sniffing. My "naive"
> impression is that key logging for a PS/2 keyboard is probably more
> difficult than with a USB keyboard. Is there any thruth to my
> misconception?
If you mean by cracking the keyboard itself, USB keyboards have a
firmware while PS/2 keyboards have only some glue logic, so I'd tend to
agree. For PS/2 you would need physical access to the cable, after
which all hopes are off anyway. For software attacks (i.e. in the OS) I
don't think there is any difference.
> * Is there any way of getting exclusive access to an USB pen drive
> from a virtual machine, preventing the host operating system to say take
> an image of the content?
Again, not if the attacker can run privileged processes on the host.
Paolo
next prev parent reply other threads:[~2009-09-02 7:20 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-31 16:08 [Qemu-devel] QEMU as a "virtual smart card"? Bud P. Bruegger
2009-09-01 22:27 ` Laurent Vivier
2009-09-01 23:47 ` Jamie Lokier
2009-09-02 14:58 ` Blue Swirl
2009-09-03 15:09 ` Bud P. Bruegger
2009-09-03 18:51 ` Blue Swirl
2009-09-04 12:08 ` Paul Brook
2009-09-04 13:12 ` Lennart Sorensen
2009-09-04 13:40 ` Bud P. Bruegger
2009-09-05 2:21 ` Jamie Lokier
2009-09-02 6:58 ` Paolo Bonzini [this message]
2009-09-02 9:17 ` [Qemu-devel] " François Revol
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A9E178D.90804@redhat.com \
--to=pbonzini@redhat.com \
--cc=bruegger@ancitel.it \
--cc=forrester@ancitel.it \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).