Microsoft insults our intelligence on Virtualization security

With the announcement that Microsoft will not ease up on its EULA (End User License Agreement) terms for virtualizing lower-tiered versions of Windows Vista, Microsoft has once again pulled out the security argument for its decision again and I must say that I find it rather insulting.  It's not that I think Microsoft doesn't have a right as a private business to set the terms of the EULA as they see fit, but don't take us for fools.

With the announcement that Microsoft will not ease up on its EULA (End User License Agreement) terms for virtualizing lower-tiered versions of Windows Vista, Microsoft has once again pulled out the security argument for its decision again and I must say that I find it rather insulting.  It's not that I think Microsoft doesn't have a right as a private business to set the terms of the EULA as they see fit, but don't take us for fools.  If they want to restrict Virtualization, just come out and say it and don't make up ridiculous excuses for it.  If Microsoft doesn't want Mac users to be able to run Vista Home inside Parallels for strategic reasons, then that is their business.  Trying to stop a Hypervisor Rootkit with a EULA is like trying to stop Malware with a EULABut since that doesn't sound warm and fuzzy, we keep hearing the security argument.  The problem is that this is disingenuous and could damage public relations in the long run.

If it were possible to stop malicious activity with a few choice words in a license agreement, then we would be in secure computing utopia right now.  You don't even need to be a security expert to smell the bad logic in this argument.  If it is as Microsoft says dangerous to permit an Operating System to be virtualized because of Hypervisor-based Rootkits, then why only make that restriction on less expensive versions of Vista?  But the truth of the matter is that the Operating System isn't in a position to decide whether it gets virtualized or not especially when it's a transparent hardware-based virtualization technology.

Trying to stop a Hypervisor Rootkit with a EULA is like trying to stop Malware with a EULA.  If and when a Rootkit wants to put the host Operating System in to a virtual prison, it will do so silently and the host will have no conventional means to detect the compromise.  The only effective way to stop this kind of activity is to disable Intel VT and AMD's AMD-V (AKA Pacifica) technology from within the BIOS.  Stopping Hypervisor Rootkits has nothing to do with the EULA and Microsoft should come clean on this.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All