"We’ve received a Xen Security Advisory that requires us to update a portion of our Amazon EC2 fleet. Fewer than 10% of EC2 customer instances will need to be rebooted. We’ve started notifying affected customers when their reboots will take place. These updates must be completed by March 10, 2015 before the underlying issues we are addressing are made public. Following security best practices, the details behind these issues will be withheld until they are made public on March 10."
Xen's hypervisor would seem to be a great place to implement live patching like KSplice/kGraft/Kpatch does for the Linux kernel. Presumably that stuff still works on KVM host machines with live guests.
One working week between notification arriving at security@xenproject and the issue of our own advisory to our predisclosure list. We will use this time to gather information and prepare our advisory, including required patches.
Two working weeks between issue of our advisory to our predisclosure list and publication.
When a discoverer reports a problem to us and requests longer delays than we would consider ideal, we will honour such a request if reasonable. If a discoverer wants an accelerated disclosure compared to what we would prefer, we naturally do not have the power to insist that a discoverer waits for us to be ready and will honour the date specified by the discoverer.
Naturally, if a vulnerability is being exploited in the wild we will make immediately public release of the advisory and patch(es) and expect others to do likewise.
This is an extraordinarily aggressive (in a good way) and transparent process. Big commercial vendors routinely sit on vulnerabilities for months.
Because responsible adults have demonstrated their ability to follow a coordinated disclosure policy which lets them improve their own security without harming anyone else's.
From what I understand, the bar to get on the pre-disclosure list is not high. If you are a legitimate company serving the public you will likely qualify.
First kernel with certain security guarantees formally proven; now open source. It can be used as a hypervisor which seems like its most obvious first use case. At least until there is enough middle-ware to build full systems directly with it.
It is indeed awesome, but from a practical perspective it doesn't even compare with Xen.
Hardware support is up to you. I think you can boot it on x86, but that's just the microkernel -- you have to add all the hardware support. I don't think seL4 is meant to run on servers either.
There are a lot of vulnerabilities which don't affect them though -- either because the vulnerabilities are in specific features which EC2 doesn't use, or because Amazon is very conservative about which versions of Xen it uses and most vulnerabilities are in relatively new code.
I certainly hope Amazon will respond to these publicly, but I won't be very surprised if the response is "doesn't affect us".
[+] [-] bscanlan|11 years ago|reply
"We’ve received a Xen Security Advisory that requires us to update a portion of our Amazon EC2 fleet. Fewer than 10% of EC2 customer instances will need to be rebooted. We’ve started notifying affected customers when their reboots will take place. These updates must be completed by March 10, 2015 before the underlying issues we are addressing are made public. Following security best practices, the details behind these issues will be withheld until they are made public on March 10."
[+] [-] j15e|11 years ago|reply
See https://community.rackspace.com/general/f/53/t/4978
[+] [-] plq|11 years ago|reply
[+] [-] cvuletich|11 years ago|reply
04:49:58 up 659 days
[+] [-] ryan-c|11 years ago|reply
[+] [-] mrsteveman1|11 years ago|reply
[+] [-] __bjoernd|11 years ago|reply
[+] [-] resc1440|11 years ago|reply
[+] [-] gnu8|11 years ago|reply
[+] [-] tptacek|11 years ago|reply
Two working weeks between issue of our advisory to our predisclosure list and publication.
When a discoverer reports a problem to us and requests longer delays than we would consider ideal, we will honour such a request if reasonable. If a discoverer wants an accelerated disclosure compared to what we would prefer, we naturally do not have the power to insist that a discoverer waits for us to be ready and will honour the date specified by the discoverer.
Naturally, if a vulnerability is being exploited in the wild we will make immediately public release of the advisory and patch(es) and expect others to do likewise.
This is an extraordinarily aggressive (in a good way) and transparent process. Big commercial vendors routinely sit on vulnerabilities for months.
[+] [-] jmiwhite|11 years ago|reply
http://www.xenproject.org/security-policy.html
[+] [-] danielweber|11 years ago|reply
[+] [-] hiou|11 years ago|reply
[+] [-] eloff|11 years ago|reply
[+] [-] namplaa|11 years ago|reply
[+] [-] chisleu|11 years ago|reply
[+] [-] pa7ch|11 years ago|reply
First kernel with certain security guarantees formally proven; now open source. It can be used as a hypervisor which seems like its most obvious first use case. At least until there is enough middle-ware to build full systems directly with it.
[+] [-] chubot|11 years ago|reply
Hardware support is up to you. I think you can boot it on x86, but that's just the microkernel -- you have to add all the hardware support. I don't think seL4 is meant to run on servers either.
[+] [-] pjmlp|11 years ago|reply
[+] [-] runamok|11 years ago|reply
[+] [-] cperciva|11 years ago|reply
I certainly hope Amazon will respond to these publicly, but I won't be very surprised if the response is "doesn't affect us".
[+] [-] somanim|11 years ago|reply
[+] [-] j_mcnally|11 years ago|reply
[+] [-] kylewilliams212|11 years ago|reply
[deleted]