Hackers will break virtualization at Microsoft’s BlueHat conference

By Microsoft Subnet on Fri, 09/21/07 - 3:30pm.

Check out this rad cool thing Next week, BlueHat v6 commences. For all the grief the Microsoft security folks get (including landing on a list of worst jobs ), one of the cooler things they do is BlueHat. This is an annual invitational conference in which hackers are invited to Redmond to meet with the Microsoft security Big Cheeses and demonstrate how they break Microsoft products.The theme for v6 is cutely named "The Vuln Behind The Curtain." The targets of this year's hacking will be virtualization and process isolation.

While the conference itself is a closed-door event, Microsoft is fairly open about what is being covered. According to a blog posting from Andrew Cushman , Microsoft's director of security outreach:

"We've got a couple of talks on Windows Mobile and more about automated exploit creation - this time using Metasploit. There will also be a talk on a DNS pinning design issue that demonstrates how Internet Explorer can turn into a VPN concentrator. All this--and talks on Office, Binary Instrumentation, Visualization and the Economics of Security"

ZDNet security blogger, Ryan Naraine, has an interesting take on BlueHat v6, too.

"Researchers are divided over whether hypervisor rootkits presents a realistic threat. Joanna Rutkowska, for example, claims that malware can be made "100% undetectable" but, at this year's Black Hat Briefings, a group of her peers openly challenged that assertion, insisting that virtual machine rootkits are rather easy to detect."

Naraine notes that Microsoft's stake in the debate stems from earlier this year when the company revoked plans that would have had it easing Vista licensing agreements to account for virtualization.

The excuse it used was that hardware virtualization technology was a security risk.