I have written before about a lion loose in the zoo, eating children. (Okay, maybe there were no explicit children dinners.) When someone breaks into one of your computers (or network devices, or printers, etc.), they are like a lion loose in the zoo. There is another type of zoo animal that can get loose and cause quite a bit of mischief, chaos, and mayhem — the not-so-innocent chimpanzee. Give a chimpanzee a skeleton key to all the cages in the zoo, and…

There is a category of exploits that affect the CPU. Meltdown and Spectre are examples, but I assure you there are more. What makes these exploits so worrisome is not that they let a hacker in, but that they give a skeleton key to a chimpanzee. A good way to save money and supposedly improve security is to run multiple virtual machines (VMs) under a single hypervisor. This describes solutions like VMware, Xen, and pretty much all the big cloud services (AWS, Azure, Google Cloud).

Think of each VM as a cage with its own animals. We keep the animals in separate cages so they don’t eat each other. Unfortunately, we lose something when we put all of these caged animals in our hypervisor zoo — we lose the ability to see, easily, what is happening when one of those animals breaks out. Imagine one of your VMs has a gang of unruly chimps. A Meltdown or Spectre exploit is the equivalent of a skeleton key that the chimps can use to open their cage. They break out of the VM and gain direct access to the hypervisor and underlying hardware. When the chimps start running loose in the streets, where is your security then?

I have been worried about the rampaging chimp problem since long before Meltdown and Spectre hit the news. For me, the problem is more general — how do I know what is going on? Where is my situational awareness when everything is running in VMs? For me, the answer was tools that give me visibility into and control over the various animal cages. If those chimps get loose, I want to be notified immediately, to see where the chimps are and where they are going, and have a handy-dandy freeze-a-chimp gun ready to fire at a moment’s notice. Given these tools, I feel pretty comfortable in the zoo.

