For those who haven’t heard about the Xen 0wning Trilogy, make sure to check that out here and here.
In a followup post to some apparent misinformation being spread (Microsoft executive “rebuts” our research!), I was surprised by this comment:
Interestingly, if Mr. Riley only attended our Xen 0wning Trilogy at Black Hat, then he would notice that we were actually very positive about Hyper-V. Of course, I pointed out that Xen 3.3 certainly has a more secure architecture right now, but I also said that I knew (from talking to some MS engineers from the virtualization group) that Hyper-V is going to implement similar features in the next version(s) and that this is very good. I also prized the fact it has only about 100k LOC (vs. about 300k LOC in Xen 3.3).
Xen 3.3 has grown to 300k lines of code for the hypervisor?
At what point does the “tight security auditability” argument start to exponentially diminish for hypervisors in ring 0?
3 Responses to “Xen LOC”
September 15th, 2008 at 1:10 pm
According to the Xen devel mailing list (http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00355.html)
150k is a more sensible estimate of the LOC for the Hypervisor.
However, it is still a rather large number and worrying trend.
September 15th, 2008 at 2:18 pm
I thought this was a pretty cool/funny video (http://nohardware.com/)
This video pokes fun at many of the geeky system administrators out there. I guess server humor does exist after all.
September 15th, 2008 at 2:26 pm
Thanks for the pointer, anonymous.