I know it's flawed. This is a legacy solution, and the new security model is
ongoing. But as you know, it costs time. Before this, I must maintain the
program.


2006/7/6, Jan Marten Simons <marten@xtal.rwth-aachen.de>:
>
> James Lau wrote:
> > My program is a utility for internet payment. It takes an important
> > role in the payment process to ensure security.  One of the key
> > functions is that the program should detect which machine is paying.
> > So while virtual machine (like QEMU) is present, it can cheat the
> > program.
> Well, to say it bluntly: Your security concept is flawed, as you cannot
> assume a client to be trusted. Rethink your concept. A Kerberos 5 like
> model might help you here.
> > Checking the hard disk model, cpu type, and other hardward
> > informations makes little sense.  Because the users or the hackers can
> > easily modify these informations. So I need a QEMU internal checking
> > method that hackers can't easily bypass.
> Just for your information: There's a project derived from qemu named
> 'argos' which tries to setup a high interaction honeypot to fool hackers
> into revealing their techniques and tools. If they can fool skilled
> hackers to take the vm for a real system, then your programm can be
> fooled as well.
>
> With regards,
> Jan
>
>
>
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel
>