VMScape and why Xen dodged it

https://virtualize.sh/blog/vmscape-and-why-xen-dodged-it/

38•plam503711•1h ago

Comments

indigodaddy•36m ago

If anyone was looking there are still some Xen VPS providers around, one of the oldest being Tornado VPS (formerly prgmr.com).

https://tornadovps.com/about

The founders literally wrote the book on xen:

https://nostarch.com/releases/xen.html

transpute•27m ago

On HP business PCs, Xen's microkernel architecture was extended for copy-on-write nested virtualization microVMs (VM per browser tab or HTTP connection) and UEFI-in-VM, https://www.platformsecuritysummit.com/2018/speaker/pratt/ | https://news.ycombinator.com/item?id=42282053#42286147

Imminent unification of Android and ChromeOS will likely use a similar h/w nested-virt architecture based on L0 pKVM + L1 KVM hypervisors on Arm devices.

Honda is using Xen, "How to accelerate Software Defined Vehicle" (2025), https://static.sched.com/hosted_files/xensummit2025/93/HowTo...

yjftsjthsd-h•19m ago

I guess I don't quite follow. The attack can let an attacker in a normal VM see memory in either the host or a Xen dom0 VM. Why is it less impactful to get memory from the management VM instead of the host?

bayesnet•15m ago

While it’s interesting that Dom0 avoids Spectre-style branch prediction attacks it’s not clear from TFA exactly why that is so. How does the architecture of the hypervisor avoid an attack that seems to be at the hardware level? From my limited understanding of Spectre and Meltdown, swapping from a monolithic to a microkernel wouldn’t mitigate an attack. The mitigations discussed in the VMscape paper [0] are hardware mitigations in my reading. And I don’t see Xen mentioned anywhere in the paper for that matter.

I guess it’s sort of off topic, but I was enjoying reading this until I got to the “That’s not just elegant — it’s a big deal for security” line that smelled like LLM-generated content.

Maybe that reaction is hypocritical. I like LLMs; I use them every day for coding and writing. I just can’t shake the feeling that I’ve somehow been swindled if the author didn’t care enough to edit out the “obvious” LLM tells.

[0]: https://comsec-files.ethz.ch/papers/vmscape_sp26.pdf

Show HN: NickelJoke: Premium Comedy for a Nickel

If Placebos Work So Well, Why Not Prescribe Sugar Pills for Everything?

One Week with the iPhone 17 Pro

'It's a superfood ' Why tempeh is suddenly on every menu

The mechanics of software engineering teams

Dodecahedron Speaker Is Biblically Accurate

The economics of self-driving taxis

Clyde Kruskal talks about his Father Martin on Martin's 100th birthday

Study of 1M-year-old skull points to earlier origins of modern humans

Obamify – Turn any image into Obama

Helium a tiny JavaScript library like Alpine

Time to Separate the Art from the Artist

UT San Antonio researchers develop safer non-opioid alternatives for pain relief

K8s on Hetzner vs. AWS Fargate

Accenture plans to "ditch" staff who can't be retrained in AI

Famed roboticist says humanoid robot bubble is doomed to burst

China's crackdown on pessimistic and hostile content

Consistent Hashing

Google to merge Android and ChromeOS in 2026, because AI

Go Proposal: Hashers

Serial killer case sets precedent to using whole-genome sequencing as evidence

Seeking Freelancer with embedded systems experience – CT – Remote

More Perfect Union videos are wildly deceptive on data center water use

"Every Hard Drive I've Owned Has Been Larger Than All My Previous Ones Combined"

Bcachefs: DKMS availability/migration general announcement

The Art of the Impersonal Essay

Show HN: AI Dojo – open-source LeetCode-style trainer for AI prompts

Higher disease risk nations are more optimistic about humanity's future

What is "good taste" in software engineering?

Losing Your Voice to AI – An End-of-Semester Ramble [video]