When thinking of IT security, there are a few names which immediately come to mind. One of these is Bruce Schneier, another is Rafal Lukawiecki and another is Steve Gibson. I recently began to listen to Steve Gibson’s Security Now podcast with Leo Laporte and originally I thought a security podcast would be dull – although it does seem to me that this one is as often about new hardware and software technologies as it is about security – but I was pleased to discover that it’s enjoyable listening as Steve does a very good job of describing security issues in basic terms (he can be very outspoken though and does sometimes let himself down on his broader knowledge of the non-security elements).
I’ve written a lot on this blog about virtualisation technologies but never really covered the basics of what virtualisation is. I had thought of writing a blog post on the topic but, as there are a number of Security Now podcasts that do a better job, I recommend listening to (or reading the transcript for):
Security Now episode 50: Introduction to virtualisation (transcript).
I found this particularly interesting, describing the history of virtualisation technology, from 1960s IBM mainframes right up to the present day. If that whetted your appetite then the following episodes may also be interesting:
Security Now episode 53: Virtualisation part 2 (transcript).
Security Now episode 54: Blue pill (transcript).
Security Now episode 55: Application sandboxes (transcript).
Security Now episode 57: Virtual PC (transcript).
Security Now episode 59: Parallels (transcript).
I should point out though that I did notice a few errors:
- The reference to the 640MB memory limit in MS-DOS should be 640KB (as acknowledged in the following podcast).
- VMware Server does support both USB and sound (as acknowledged in the following podcast).
- Windows Vista has no noticeable performance issues on my Virtual Server 2005 R2 server although it’s not possible to render 3D graphics as the virtual hardware does not support it.
- Microsoft does support Linux in a VM (there are even VM Additions for Linux).
It’s a shame that these errors crept in as it would have a huge effect on the overall positioning of Microsoft’s virtualisation products in the Virtual PC podcast (episode 57). Having said that, Virtual Server does has a number of issues when it comes to managing it in a cross-platform environment – it may have a web interface but it relies on ActiveX (so, requires Internet Explorer on Windows) and the Virtual Machine Remote Control (VMRC) client is not available for non-Windows platforms (despite using port 5900, suggesting it may be related to VNC, I can’t seem to get it working using a VNC client).
VMware may well have a more advanced product set (with Workstation, Virtual Infrastructure 3 and VirtualCenter 2) but from my experiences of dealing with the company it seems that they are going through some growing pains and I am sure that Microsoft will catch up over time. What seems to be certain, is that virtualisation is more than just the buzzword of 2006.