On Thu, Oct 25, 2007 at 03:27:07PM -0700, Adam Getchell wrote: > On 10/25/07, Jason Dixon <[EMAIL PROTECTED]> wrote: > > On Thu, Oct 25, 2007 at 01:45:23PM -0500, L. V. Lammert wrote: > > > At 02:28 PM 10/25/2007 -0400, Jason Dixon wrote: > > > >Sure you do. You claim that the following statement is wrong, but you > > > >don't offer any explanation. That's crap. > > > > > > > >"There is *nothing* in any virtualization software that makes having it > > > >*more secure* than not having it at all." > > > Explain how the previous statement is incorrect, as you claim. > > I explained it here [1] in a previous post, which demonstrates a > method for detecting rootkits that would be otherwise undetectable > without virtualization.
I think you mean "undetectable in a running system", don't you? At least, that's the gist I got from those slides. That does not equate to a more secure system, just one that might be more conveniently (although not necessarily more accurately) audited. -J.
