Here come hypervisors you can trust
Virtualisation has always bothered me. This is perhaps an odd statement to make; after all, I am personally responsible for virtualising thousands of servers. But the truth of it lies in the special status the IT community has ascribed to hypervisors. When we nerds talk about virtualisation, especially with relation to servers, we don't talk about loading an operating system onto a server, we load a hypervisor. It's a dangerous distinction and one that often leads systems administrators up a dark path of forgetting that a hypervisor is just as much of a security risk as any other operating system. Indeed, hypervisors should be considered a bigger security risk than the traditional baremetal operating system for the simple reason that we have become reliant upon them to host dozens, or even hundreds, of virtual machines per physical server. Yet by and large, we tend to neglect the hypervisor, trusting it to just work.