×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Dell Considers Bundling Virtualization on Mobos

Zonk posted more than 6 years ago | from the wave-of-the-future dept.

Operating Systems 138

castrox writes "Ars Technica is reporting that Dell may be considering bundling virtualization on some of their motherboards. No more dual boot or VMs inside the running OS? 'Any way you slice it, though, putting the hypervisor in a chunk of flash and letting it handle loading the OS is the way forward, especially for servers and probably even for enterprise desktops. Boot times, power consumption, security, and flexibility are all reasons to do this ... The big question is: which hypervisor will Dell bundle with its machines? Vance suggests hypervisors from XenSource and VMware as two options, but I think that VMware is the most likely candidate since it seems to be the x86 virtualization solution of choice for the moment. However, if Dell doesn't try too hard to lock it down, this system could easily be modified in an aftermarket fashion to include almost any hypervisor that could fit on the flash chip.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

138 comments

Overwhelming Support (3, Interesting)

Doc Ruby (173196) | more than 6 years ago | (#20172637)

Dell's gonna have a hell of a time supporting these complex features while it's closing down its call centers [google.com].

Re:Overwhelming Support (2, Funny)

Kadin2048 (468275) | more than 6 years ago | (#20173053)

Was anyone with a clue actually calling Dell's call centers anyway?

The only reason I've ever called a manufacturer's tech support line in years has been to get an RMA. And it's generally just irritating when they insist on taking me through their little script before they'll admit defeat and return the piece of junk.

The purpose of those call centers is probably mostly for "cupholder calls," and less so for support on their higher end products, which is where the virtualization hardware would be (at least initially). I assume corporations have direct access to Dell to process RMAs and warranty work, request on-site service, etc., without going through a callcenter drone.

Re:Overwhelming Support (5, Informative)

Forge (2456) | more than 6 years ago | (#20173735)

Close.

A few tips on calling Dell tech support if you are a competent engineer who diagnosed the problem before reporting it.

1. For a home PC the techs are so incompetent that it's easier to just lie about the nature of the problem. I.e. If your hard drive is on the fritz, making rattly sounds and loosing data just say "The drive is completely dead. When I connect it the BIOS doesn't even admit that it's there".

2. Gold support is better than economy or even silver, but not for the reasons on dell.com. It's better because they connect you to the most competent support guys almost immediately when you call the gold support line. Competent engineers know when they are speaking to an equal and will dispatch the required parts immediately. They also send out "just-in-case parts".

3. Call late at night if your warranty allows it. The brightest tech support guys in Texas know that the graveyard shift is the best time to work. Less traffic on the commute, more pay and more time available for none work related tasks. Your shortest and most fruitful calls will be at 2:00 AM.

4. Don't be afraid to hang up. I once had an external tape drive (PV 110T) that was bursting tapes whenever I initiated a backup. The tech support guy insisted that I must reboot the server so I could see if the drive shows up in the BIOS before he could go any further. I hung up, called back latter and got a brighter support guy who dispatched a replacement drive in around 5 minutes.

Re:Overwhelming Support (1)

Sylver Dragon (445237) | more than 6 years ago | (#20174357)

#2 is the most important, I find. Dell's non-Gold support is worthless. On the other hand, their Gold support is pretty darn good. Needless to say, every system we buy (which are mostly laptops) are bought with the Gold support and Complete-Care. The former gets me to techs who speak some form of English (a southern accent is the worst I get) and the later covers the occasional, "I spilled soda on my keyboard" errors. Which, considering the nature of the users I support, happen with alarming frequency.
One tip I would have for anyone calling Dell. Before calling, run the diagnostics they have bundled with the system (usually <F12> at POST), or go grab them from the Dell site and run them from a floppy/CD. When the tech comes on, explain your problem, and tell them the error code from the diagnostic program. 9 times out of 10, that has saved me the joys of running through the script, which incidentally enough, usually includes running that diagnostic tool. It's the difference between a 5 minute, "I'm having weird Windows errors, and your diagnostic program claims that DIMM B is bad. <insert usual memory swapping tests here>" And a much longer time for them dinking around in Windows trying to troubleshoot a hosed DIMM. Also, when you are having oddball errors with no obvious reason (malware, bad drivers, etc), that little tool is actually a good way to check if it's a hardware problem.

Re:Overwhelming Support (1)

no1nose (993082) | more than 6 years ago | (#20174853)

That is all very good advice. I work for a state government and we tend to get very good support from Dell. I think that item #4 (Don't be afraid to hang up) is among the best advice. It works on other customer care centers, too.

It is absurd (but true) that you can call a given company 5 times and get 5 different answers from the various phone-drones on the other end.

Re:Overwhelming Support (1)

leenks (906881) | more than 6 years ago | (#20175369)

Why is this absurd? If you call 5 times and get 5 different people of course you are going to get different answers.

FWIW I'm in the UK, and my organisation has bought Dell servers with 3yr bronze support, and we've never had any problems. An engineer turns up the next working day to do the swaps, and that's the end of the problem (everything from a failed fan unit in a disk array through to complete motherboard, ram, and cpu, and PSU replacement.

Maybe it depends what lines you buy from too?

Re:Overwhelming Support (1)

no1nose (993082) | more than 6 years ago | (#20175793)

I consider it to be absurd because I expect a high level of support every time I call - I don't like calling a company over and over until I get the answer I want.

That being said, I agree that Dell provides great support to business and government.

Re:Overwhelming Support (1)

jimicus (737525) | more than 6 years ago | (#20176121)

I consider it to be absurd because I expect a high level of support every time I call - I don't like calling a company over and over until I get the answer I want.

I'd like that as well. But I live in the real world - you can't realistically expect them to dedicate the same level of care to a PC which they sold for £250, netting a total profit of £25, as a server which they sold for £2500 with a profit margin of £1000. They've got to pay these people somehow.

Re:Overwhelming Support (0)

Anonymous Coward | more than 6 years ago | (#20176013)

All are very good points. I am one of the on-site techs, and I advise people of #1 and #4 quite frequently. Whenever you can cite an error code from a diagnostic program, the tech on the other end of the phone line knows what they need from you.

I have dealt with many helpdesks over the last few years, and Dell's has offered us the most support that I have ever seen. They truly work with us. Since I have a DCSE number, they usually ask for my opinion. That partnership really helps.

As for service plans, consider the 4-hour service when justified -- Those calls get the highest priority. I've seen several times when many more parts are sent "just in case."

Here's my tips... (1)

SanityInAnarchy (655584) | more than 6 years ago | (#20176081)

Admittedly, I haven't had cause to call Dell, but this works well for my ISP:

  1. Be honest. I know it's unusual advice, but if you attempt to bullshit your way through something, you may piss off the tech if they know what you're talking about -- or worse, they might believe you and skip a crucial step you didn't think you had to do.
  2. Be polite. Some of the following suggestions may require you to say something sort of condescending, so try your damnedest not to sound that way. And it goes without saying -- don't raise your voice.
  3. Don't swear. They are allowed to hang up on you if you do.
  4. Use big words that you don't actually need. See point #1 -- don't make stuff up -- but there's a good chance that if the tech actually doesn't understand what you're talking about, they'll escalate to someone who does.
  5. Be authoritative on what you do know. For example, if they tell you to reboot because they want you to try to get a new DHCP lease, suggest something like "ipconfig /renew". Assert that you do, in fact, know how DHCP works, and ask them to tell you what more rebooting will do. See point #2, though -- do it respectfully.
  6. Be willing to take steps you know are pointless. By now, you've tried steps #4 and #5, so you've got a very stubborn (probably stupid) tech who's sticking to a script. If you follow obediently, even if you really do the steps (remember point #1), you'll eventually either get to the good stuff, or they'll run out of script and escalate you.
  7. Try not to hang up -- if you call back later, you might even get the same person, depending on the size of the company. Either way, the tech you get first is not going to be one of the smart ones, because those are busy dealing with the calls that got escalated.
  8. Reward the techs who do well. When they're done, ask if you can speak to their manager, and put in a good word for them -- how helpful they were, how quickly your problem was solved, etc etc. It might help them get a promotion, but even if they don't, it means they're a lot less likely to be laid off than the dipshit down the hall who wants you to "ipconfig /renew" on a Mac. If enough of us do this, hopefully, we'll help in a sort of natural selection of better techs.

I'm thinking of writing a guide like this and distributing it, because these same principles do hold for anyone, regardless of technical skill. The language might change a bit -- for example, a nontechnical person should follow step #6 because what they "know" is not always true, and if they really knew everything, they wouldn't be calling for a tech. But the habits are the same.

Re:Overwhelming Support (1)

JazzLad (935151) | more than 6 years ago | (#20173781)

I assume corporations have direct access to Dell to process RMAs and warranty work, request on-site service, etc., without going through a callcenter drone.


Boy, I wish! At least their academic accounts don't seem to. Last time I had to RMA one for the university I worked for I had to sit on hold for a spell & then promise a nice bananna to get my RMA.

Oh, well.

Re:Overwhelming Support (1)

Lockejaw (955650) | more than 6 years ago | (#20174231)

Was anyone with a clue actually calling Dell's call centers anyway?
I don't care if anyone with a clue is calling. I really only care whether anyone with a clue is answering!

Re:Overwhelming Support (1)

jimicus (737525) | more than 6 years ago | (#20176079)

Certainly true with desktop support from practically any tier 1 OEM.

However, Dell's server support is a different kettle of fish entirely. Certainly in the UK, as soon as they know you're calling about a server with a support contract they connect you straight to a call centre in Ireland which is staffed by people with at least a modicum of intelligence and the ability to speak English clearly. Probably because there's more money in servers, and more to be lost by pissing off the bloke who's almost certainly spent the last 2 hours diagnosing the fault and knows full well it's hardware, thank you very much.

Re:Overwhelming Support (0)

Anonymous Coward | more than 6 years ago | (#20173315)

Support Center: 'Allo, my name is Gupta...er, Sanjay...er, Bill...'ow may I 'elp you zet up your bertualization?

No thanks!

Re:Overwhelming Support (0)

Anonymous Coward | more than 6 years ago | (#20173373)

Heh. Nicely done.

Re:Overwhelming Support (1)

Jack9 (11421) | more than 6 years ago | (#20173355)

Customers will just be calling Walmart shortly. Closing call centers and storefronts is just good business given the new opportunity to sell out of Walmart.

Re:Overwhelming Support (3, Interesting)

QuantumRiff (120817) | more than 6 years ago | (#20174091)

The Roseburg, OR call center closure really pissed off the town.. They gave Dell an tax exemption, saving them $5mil over 5 years.. They also spent $1mil on other "incentives" and infrastructure upgrades to attract them to the area. As soon as that Tax exemption was over, they closed down the doors.. Just before, they made some of the best techs there go over seas and train their replacements.. The employees were told they were opening up an "additional" call center, not moving theirs.. Apparently, they also were a crappy tenant and trashed the building they were in...

I don't think Dell is going to be selling many more PC's in southern Oregon for a while...

Re:Overwhelming Support (1)

Lockejaw (955650) | more than 6 years ago | (#20174279)

In response to closures like that, I've heard of cities adding a stipulation that says the company has to pay fees, back taxes, etc. if they close up and move out.

Re:Overwhelming Support (1)

polaris20 (893532) | more than 6 years ago | (#20174933)

That would definitely be a good idea, as Dell would certainly deserve to be charged back taxes if that's all true.

Re:Overwhelming Support (1, Interesting)

Anonymous Coward | more than 6 years ago | (#20174753)

Well it looks like it's only one call center that was closed [forbes.com]:

He said the company announced plans in May to reduce employment worldwide by 10 percent. He said the Roseburg location is the only such center in the United States to close.
And also from the next paragraph it seems that the reason was obvious:

Frink said the closure has nothing to do with a lawsuit filed by employees of the Roseburg center in February, claiming Dell violated federal and state wage and hour laws.

Top two possible misspellings: (3, Funny)

Roadmaster (96317) | more than 6 years ago | (#20172639)

Dell considers bundling virtualization on mofos

or

Dell considers bundling virtualization on hobos

not pretty either way.

Re:Top two possible misspellings: (0)

Anonymous Coward | more than 6 years ago | (#20172909)

You don't know the meaning of "mobo"? Why are you here?

Re:Top two possible misspellings: (2, Funny)

Jeff DeMaagd (2015) | more than 6 years ago | (#20172943)

It's stupid slang. May as well call them fabos for fatherboards.

Re:Top two possible misspellings: (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20173685)

Dell considers bungling virtualization on mobos

First VM. (0)

Anonymous Coward | more than 6 years ago | (#20172641)

"However, if Dell doesn't try too hard to lock it down, this system could easily be modified in an aftermarket fashion to include almost any hypervisor that could fit on the flash chip.'"

Why wait for Dell to do this?

Re:First VM. (2, Informative)

morgan_greywolf (835522) | more than 6 years ago | (#20172717)

Why wait for Dell to do this?


For that matter, who needs to?

You can get the benefits of this yourself.

1) Download Damn Small Linux.
2) Install on a USB pen drive.
3) Add Xen Source (or VMWare) hypervisor
4) ???
5) Profit! (sorry, couldn't resist)

Re:First VM. (0)

Anonymous Coward | more than 6 years ago | (#20173525)

This is for enterprises as part of their poweredge server line. Not for desktops... slight difference.

There's absolutely no point in embedding virtualization with desktop servers for home users. There are huge advantages to embedding it with servers in an offering for the companies out there who are looking to leverage virtualization technology.

Incidentally, not to sound too insider-iffic, but I'd imagine anyone who has been involved with Dell and/or VMware at an enterprise level has been aware of this for awhile (at least I have!).

rent the feature on a monthly basis (0)

Anonymous Coward | more than 6 years ago | (#20172677)

you know, once you try to enable the hypervisor, connect to an online payment system and charge $X per month to enable the feature, lock the 2nd O/S once the subscription expires. Encase the chips in epoxy. I'm surpised Microsoft hasn't tried something like this yet. Extra points if Dell designs it too run too hot and blowup.

Yes, but: So what? (1)

adolf (21054) | more than 6 years ago | (#20172761)

In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card/[insert other stupid-simple method of booting from flash]?

Re:Yes, but: So what? (1)

BuR4N (512430) | more than 6 years ago | (#20172853)

"In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card"

Its more secure having the actually memory embedded inside the machine instead on the outside in a port, accessible for anyone that have physicall access to your office.

Re:Yes, but: So what? (1)

jmorris42 (1458) | more than 6 years ago | (#20173195)

> Its more secure having the actually memory embedded inside the machine instead on the outside
> in a port, accessible for anyone that have physicall access to your office.

So? CF to IDE bridge taped down in a drive bay. Flash to IDE header gadget plugged direct to an IDE header. They even have em that plug direct to USB headers on the MoBo now. Give em a while and they will have em to direct plug to SATA, assuming they don't now and I just didn't see em last time I was looking stuff like that.

Point being that is almost certainly all Dell will be doing. So why wait, if it is a good idea, just do it!

Re:Yes, but: So what? (1)

Ironsides (739422) | more than 6 years ago | (#20173521)

1) Cost. They would have to design the mobos and test them.
2) The IDE header is not going to be used in profesional servers. For one, they don't have IDE anymore. They have SATA or SCSI.
3) The USB headers are not going to have as high of an uptime compared to something dell could build onto the motherboard (in theory, supposing dell does'nt screw up. This is required due to what most server buyers need is reliability for servers that run 24/7/365.25. Adding in what you suggested, the first thing to fail would most likely be either the flash or the adapter.

Re:Yes, but: So what? (2, Insightful)

adolf (21054) | more than 6 years ago | (#20174223)

3) The USB headers are not going to have as high of an uptime compared to something dell could build onto the motherboard (in theory, supposing dell does'nt screw up. This is required due to what most server buyers need is reliability for servers that run 24/7/365.25. Adding in what you suggested, the first thing to fail would most likely be either the flash or the adapter.

I take issue with everything you say here.

There is no qualitative reason why USB should not have, as you say, "as high of an uptime" as anything else which plugs into a computer. In fact, the opposite is likely to be true: USB, having finally grown into something that generally doesn't suck, has been tested and revised for over a decade, and is far more likely to be resolutely reliable than any newly-developed interface technology which has not been so rigorously abused. It's a single point of failure, sure, but it share that disadvantage with SCSI, SATA, PCI Express, and all other likely candidates for connection.

I would further like to submit that the first thing to fail in any flash-based installation in a personal computer will be either the flash chip itself, its interface chip (ala "adapter"), or one of the supporting components (resistors, capacitors - that sort of stuff).

Finally, I'd like to speculate that all Dell will be doing is installing a flash device onto a USB bus. The hardware and software to accomplish this were finished years ago, and thus long ago entered the category of being free (as in beer) for Dell (particularly their marketing departments) to take advantage of.

Re:Yes, but: So what? (1)

couchslug (175151) | more than 6 years ago | (#20173971)

"Its more secure having the actually memory embedded inside the machine instead on the outside in a port, accessible for anyone that have physicall access to your office."

The same pieces could easily be inside the case. Not all USB ports are external. Of course, SATA CF adapters have been available for sometime:

http://www.fastsilicon.com/storage-reviews/addonic s-adsahdcf-sata-cf-adapter-review-6.html?Itemid=27 [fastsilicon.com]

By the way, anyone have links to tutorials for installing a hypervisor to such a setup?

Hard drive? (1)

SanityInAnarchy (655584) | more than 6 years ago | (#20176187)

Why not just "embed" it in the first 20 megs or so of the hard drive? (Or 100 megs, or 1 gig, given the size of modern storage...)

The only advantage I see to doing it with flash is that they could lock it down, and also, you could theoretically hot-swap SATA (or USB) drives, each with an OS on it (and maybe a "saved image" from the virtualizer, like hibernating). Even if you don't actually physically hot-swap them, you could spin down the drive you're not using.

Of course, if it was me doing this, I'd just get 3 drives (or more) and build a software RAID, and run my virtualized OSes on top of that, so I get a nice performance boost (at the cost of more power required to keep them all spinning)...

Re:Yes, but: So what? (1)

Chirs (87576) | more than 6 years ago | (#20172859)

It's vendor-supported.

Re:Yes, but: So what? (1)

badfish99 (826052) | more than 6 years ago | (#20173203)

Anything is vendor-supported if I pay for vendor support. It doesn't have to be embedded in a flash chip.

The advantage of this is that it is vendor-supported by a vendor of Dell's choice. Presumably they then give Dell a kick-back. OK, that's an advantage for Dell, not for the purchaser.

Re:Yes, but: So what? (5, Insightful)

Albanach (527650) | more than 6 years ago | (#20172865)

In what way is this functionally different than the same hypervisor being installed on a bootable USB flash drive/IDE-attached CompactFlash card/[insert other stupid-simple method of booting from flash]?
The difference is that it's a supported set up from a major manufacturer. That means that when you pay for 24x7x365 support you are not faced with being told that you've modified the hardware and they can't support your setup. Indeed if your flash card dies a sudden death, the Dell engineer

can be there within four hours and should actually be carrying a spare.

For a hobbyist at home I doubt there's much of a difference at all, but for folk paying big $$$ for enterprise solutions, this is probably very welcome.

Re:Yes, but: So what? (1)

Znork (31774) | more than 6 years ago | (#20173977)

If you were paying big $$$ for enterprise support, would you get a server with GRUB or LILO embedded on the motherboard?

Would you buy one with the kernel and initrds on flash installed on the motherboard?

Personally I wouldnt; Dell has no competence in those areas, and even should they try to build it, they'd end up constantly trailing the OS vendors, introducing random bugs and being far less integrated and standardized than what the mainline products are.

I see little difference in the hypervisor area; hardware vendors can just barely manage keeping BIOSes bugfree enough to get an OS running, expecting them to be able to manage and keep hypervisor software up to date isnt even on the horizon.

Re:Yes, but: So what? (1)

morgan_greywolf (835522) | more than 6 years ago | (#20172891)

Well, as I said in this post [slashdot.org], not much. The only things I can think of are that it doesn't rely on any external devices and would be directly supported by Dell. It would be a real boon to corporate IT departments using virtualization to consolidate servers, since IT managers are often loathsome to use any such configuration that isn't officially vendor-supported.

Re:Yes, but: So what? (1)

stoolpigeon (454276) | more than 6 years ago | (#20172893)

I'm guessing that you might get a slight advantage not having to wait for the bios to reach a point where it has usb functioning - and possibly the ability to read the chip faster off the board than over usb. Just wags on my part. I personally don't get the big deal over doing it this way as compared to the way a hypervisor loads now to run on bare metal. It might take a touch longer to boot - but so what? I'm not bouncing my servers that often anyway. And on the desktop? That's where I really struggle to see the need.

Re:Yes, but: So what? (4, Informative)

Burz (138833) | more than 6 years ago | (#20173213)

Presumably having Dell's hypervisor load instantly at power-up could prevent other virtualizers from running, including hypervisor-based rootkits like Blue Pill.

Not if it's REALLY doing its job (1)

Ungrounded Lightning (62228) | more than 6 years ago | (#20173661)

Presumably having Dell's hypervisor load instantly at power-up could prevent other virtualizers from running, including hypervisor-based rootkits like Blue Pill.

Not if it's really doing its job.

A virtual machine should be able to virtualize another layer of similar virtual machines - including instances of itself. Otherwise there's something defective about the virtualization.

Could block access to hardware... (1)

SanityInAnarchy (655584) | more than 6 years ago | (#20176135)

There are certain chunks of hardware, actual CPU instructions, etc which have been introduced recently to make virtualization more efficient.

However, I don't think it would do very well against something like Blue Pill, because that could just as easily implement a softer virtualizer -- it would just appear to run a little slower.

Re:Yes, but: So what? (0)

Anonymous Coward | more than 6 years ago | (#20173851)

Blue Pill doesn't apply to hypervisors without standard hosts OSs, anyway.

Re:Yes, but: So what? (1)

Sylver Dragon (445237) | more than 6 years ago | (#20174737)

Support and TCO.
If I have a Dell provided chip on a Dell motherboard which goes out, they will fix it. If I have a Mickey-Mouse setup with a USB flash device, you can bet they are going to try and blame that for my woes first. And, guess who is on the hook for fixing it if it goes south? Moreover, the difference in cost is going to be slight. This chip will probably raise the overall price of the motherboard by a couple hundred, at most. The time I spend futzing around with getting an external solution running is going to cost more in the long run, my employer is paying me good money for that time, and any time spent fixing it. Take a quick look at what even a tech is going to cost:
Say they get paid $17/hour as full-time staff. Then you're paying workman's comp, taxes, health care, etc. Overall it's probably costing the employer around $30/hour for that tech. So, if he spends a day on that solution your spending about $240 for it. Just eat the up front cost from Dell, and make them fix the damn thing, that tech has better things to do with his time.

Probably a dumb question... (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20172813)

How is adding more layers going to make anything faster?
It isn't like Vista will be loading less drivers because of the extra layer.

Re:Probably a dumb question... (1)

WyrdOne (96731) | more than 6 years ago | (#20172857)

This is not targeted at the Consumer market. This *is* marketed at the software and developer markets. Typically those already running VMWare's ESX products or similar tech.

Basically it means faster startup time and possibly faster performance for VM servers.

Re:Probably a dumb question... (1)

Mattsson (105422) | more than 6 years ago | (#20173397)

Not all improvements are there to produce more speed.
Sometimes, an improvement will give better functionality at the cost of a little speed.
And with the speed we have in our pc's today, it does seem more rational to concentrate on improving funtionality and reliability rather than speed.

Re:Probably a dumb question... (2)

ChrisA90278 (905188) | more than 6 years ago | (#20174275)

"How is adding more layers going to make anything faster?"

"Faster" is not the goal. Better machine utilization is. In the Windows PC world sysadmins know that loading multiple functions all running on the same machine is inviting trouble and can crash Windows so they spread their servers out. This allows the admin to consolidate the servers back into one machine by running multiple copies of the Windows OS on one server. He gets the stability gain of running one task on a box biox he stops wasting so many boxes.

The other use for VMs is so you can run multiple OSes at the same time on the same machine. But this is something developers, testers and suport people like to do and may as well be done using VMWare on a host OS.

Re:Probably a dumb question... (1)

jimicus (737525) | more than 6 years ago | (#20176173)

Even with a Unix-based OS, there's something to be said for separating processes between virtual systems.

It improves security - an exploit leaves one virtual server (and hence one service) vulnerable, not everything.

It improves reliability - a service which is known to have knock-on effects if it screws up can have those knock-on effects limited to just one virtual server.

It also makes scaling individual services and migrating between hardware far easier - if you haven't yet had to go down the SAN route, upgrading a file server is as simple as adding extra disk to the virtual machine, and if the physical host it's on doesn't have the space, migrating the VM first without impacting other services.

The biggest drawback is that you then have to administer a number of virtual hosts rather than just one or two physical ones. But that's what God invented cfengine for.

IBM does this on their iSeries (4, Interesting)

dagar (84678) | more than 6 years ago | (#20172889)

IBM is already doing this on their iSeries (AS/400). In order to manage it you have to have a Hardware Management Console (an x86 xSeries machine running Linux and their management software). I really think that they have done a good job of the virtualization, it also lets IBM throttle back the CPU. We have a 1000CPW (IBM's performance index) machine that with the Power5 1.5Ghz processor is limited to 43% utilization. In order to get all 100% of the CPU (2400CPW), we would have to pay through the nose.

Re:IBM does this on their iSeries (1)

kpharmer (452893) | more than 6 years ago | (#20174075)

I'm not going to use the right terminology here (since it changes quarterly) but...

this is just one pricing option: you can buy everything up front, or you can pay more to have them put in 'emergency' resources - that can be added later if you need it.

This later scenario can be good if you want to avoid overbuying but still have resources available in case you wildly underestimated what you'd need.

Bill O'Reilly Is A Member Of The Nazi Party (-1, Troll)

Anonymous Coward | more than 6 years ago | (#20172915)

What I am about to say is strictly off the record. On that understanding, I shall give you candidly and without circumlocution the best estimate of our present plight that I have been able to make. Let me begin by citing a range of examples from the public sphere. For starters, I am not a robot. I am a thinking, feeling, human being. As such, I get teary-eyed whenever I see Bill O'Reilly insult my intelligence. It makes me want to make efforts directed towards broad, long-term social change, which is why I'm so eager to tell you that O'Reilly's editorials do not represent progress. They represent insanity masquerading as progress. This much is clear: He recently went through a clericalism phase in which he tried repeatedly to rifle, pillage, plunder, and loot. In fact, I'm not convinced that this phase of his has entirely passed. My evidence is that O'Reilly contends that truth is whatever your grievance group says it is. Sounds rather disaffected, doesn't it? Well, that's O'Reilly for you. If there is one truth in this world, it's that I respect the English language and believe in the use of words as a means of communication. Morbid, overweening vulgarians like him, however, consider spoken communication as merely a set of noises uttered to excite emotions in treasonous criticasters in order to convince them to take us over the edge of the abyss of hedonism. Any meaningful analysis of the situation must allow for the fact that O'Reilly's most incoherent tactic is to fabricate a phony war between unbridled big-mouths and discourteous-to-the-core worrywarts. This way, he can subjugate both groups into helping him trick our children into adopting unconventional, disapproved-of opinions and ways of life. I really don't want that to happen, which is why I'm telling you that O'Reilly has nothing but contempt for you, and you don't even know it. That's why I feel obligated to inform you that he wants to monopolize the press. Personally, I don't want that. Personally, I prefer freedom. If you also prefer freedom, then you should be working with me to convince the government to clamp down hard on his vaporings.

O'Reilly, you are welcome to get off my back this time and stay off. He wants nothing less than to lure the amoral into his coterie. His hatchet men then wonder, "What's wrong with that?" Well, there's not much to be done with oppressive, hotheaded mountebanks who can't figure out what's wrong with that, but the rest of us can plainly see that O'Reilly claims that Man's eternal search for Truth is a challenge to be avoided at all costs. I assert that the absurdities within that claim speak for themselves, although I should add that if O'Reilly can give us all a succinct and infallible argument proving that the Universe belongs to him by right, I will personally deliver his Nobel Prize for Irritating Rhetoric. In the meantime, I recently received some mail in which the writer stated, "O'Reilly's 'compromises' are a veritable dictionary and synonymicon of frotteurism." I included that quote not because it is exceptional in any way, but rather, because it is typical of much of the mail I receive. I included it to show you that I'm not the only one who thinks that in a tacit concession of defeat, O'Reilly is now openly calling for the abridgment of various freedoms to accomplish coercively what his randy announcements have failed at. It may be obvious but should nonetheless be acknowledged that O'Reilly is a walking time bomb of credentialism. That should serve as the final, ultimate, irrefutable proof that even when the facts don't fit, he sometimes tries to use them anyway. He still maintains, for instance, that the sky is falling.

Do you ever get the feeling that on many issues, discussions with O'Reilly quickly turn into fights, and dialogues soon degenerate into name-calling? Well, you should, because if anything will free us from the shackles of O'Reilly's whiney anecdotes, it's knowledge of the world as it really is. It's knowledge that he hates people who have huge supplies of the things he lacks. What O'Reilly lacks the most is common sense, which underlies my point that one of his stooges keeps throwing "scientific" studies at me, claiming they prove that the best way to make a point is with foaming-at-the-mouth rhetoric and letters filled primarily with exclamation points. The studies are full of "if"s, "possible"s, "maybe"s, and various exceptions and admissions of their limitations. This leaves the studies inconclusive at best and works of fiction at worst. The only thing these studies can possibly prove is that O'Reilly should slither back under whatever rock he crawled out from. Let me recap that for you, because it really is extraordinarily important: O'Reilly's functionaries all have serious personal problems. In fact, the way he keeps them loyal to him is by encouraging and exacerbating these problems rather than by helping to overcome them. Let us postulate that O'Reilly is apt to respond to this letter in the same emotional way that a devout Christian in the 15th century might have responded to someone who announced publicly that he didn't believe in the virgin birth. In that case, the most anal-retentive manifestation of devious sentiment among petty dipsomaniacs has been the way they perpetuate what we all know is a corrupt system. In reaching that conclusion, I have made the usual assumption that he should learn to appreciate what he has instead of feeling so oppressed because he can't do everything he wants, every time he wants to. Moving on, he has a natural talent for complaining. He can find any aspect of life and whine about it for hours upon hours.

O'Reilly proclaims at every opportunity that he'd never topple society. The gentleman doth protest too much, methinks. Given the tenor of our times, his ratiocination skills are nothing to write home about. But there is a further-reaching implication: O'Reilly says that those of us who oppose him would rather run than fight. This is at best wrong. At worst, it is a lie. I, speaking as someone who is not a sadistic thief, sincerely hope that the truth will prevail and that justice will be served before O'Reilly does any real damage. Or is it already too late? Well, while you're deliberating over that, let me ask you another question: What is it about our society that makes disruptive airheads like O'Reilly desire to grant a free ride to the undeserving? Now, not to bombard you with too many questions, but he is typical of mindless beatniks in his wild invocations to the irrational, the magic, and the fantastic to dramatize his obloquies.

Hooliganism has its stronghold among cruel, fatuous rakes, and that's one reason why I'm writing this letter. O'Reilly thinks it's good that his words supplant national heroes with licentious crybabies. It is difficult to know how to respond to such monumentally misplaced values, but let's try this: His cock-and-bull stories are based on a denial of reality, on the substitution of a deliberately falsified picture of the world in place of reality. And this dishonesty, this refusal to admit the truth, will have some very serious consequences for all of us in the coming days. Social stability and family unity are two things that revolting maniacs have no concern for. Ergo, I don't know which are worse, right-wing tyrants or left-wing tyrants. But I do know that according to O'Reilly, "metanarratives" are the root of tyranny, lawlessness, overpopulation, racial hatred, world hunger, disease, and rank stupidity. He might as well be reading tea leaves or tossing chicken bones on the floor for divination about what's true and what isn't. Maybe then O'Reilly would realize that on a television program last night, I heard one of this country's top scientists conclude that, "O'Reilly's power is built on lies." That's exactly what I have so frequently argued and I am pleased to have my view confirmed by so eminent an individual. Isn't it odd that cacodemonic cads, whose ill-bred, quixotic lifestyle will ridicule the accomplishments of generations of great men and women quicker than you can double-check the spelling of "ultracentrifugation", are immune from censure? Why is that? Before you answer, let me point out that O'Reilly's buddies often reverse the normal process of interpretation. That is, they value the unsaid over the said, the obscure over the clear.

If nothing else, I claim that O'Reilly's opinion is a lazy cop-out. There's nothing controversial about that view. It's a fact, pure and simple. It was a fact long before anyone realized that I, not being one of the many brassbound, hypersensitive twerps of this world, have a problem with O'Reilly's use of the phrase, "We all know that...". With this phrase, he doesn't need to prove his claim that he defends the real needs of the working class; he merely accepts it as fact. To put it another way, anyone who has spent much time wading through the pious, obscurantist, jargon-filled cant that now passes for "advanced" thought in the humanities already knows that he is against everything and for nothing. What may be news, however, is that I no longer believe that trends like family breakdown, promiscuity, and violence are random events. Not only are they explicitly glorified and promoted by O'Reilly's invidious, tyrannical scribblings, but his criticisms of my letters have never successfully disproved a single fact I ever presented. Instead, O'Reilly's criticisms are based solely on his emotions and gut reactions. Well, I refuse to get caught up in his "I think ... I believe ... I feel" game. O'Reilly has become a patsy to his own malevolence, and every intellectually honest person knows it.

Like a lion after tasting the blood of human victims, O'Reilly will herald the death of intelligent discourse on college campuses. Since most people oppose his contemptuous, voluble philippics, O'Reilly has had to tinker about with a lot of halfway prescriptions using every detestable means imaginable. The bulk of crass kooks are at least marginally tolerable, but not he. Though ridiculous authoritarianism is not discussed in this letter, much of what I've written applies to that, as well. His fulminations are not witty satire, as O'Reilly would have you believe. They're simply the lubricious ramblings of someone who has no idea or appreciation of what he's mocking.

Fortunately, most people understand that what O'Reilly is doing is not an innocent, recreational sort of thing. It is a criminal activity, it is an immoral activity, it is a socially destructive activity, and it is a profoundly blockish activity. I don't believe that materialism is the only alternative to jujuism. So when O'Reilly says that that's what I believe, I see how little he understands my position.

Although O'Reilly is only one turd floating in the moral cesspool that our society has become, his ultimata are built on lies and they depend on make-believe for their continuation. For those of us who make our living trying to give the needy a helping hand, as opposed to an elbow in the face, it is important to consider that I don't care what others say about O'Reilly. He's still wretched, childish, and he intends to hinder economic growth and job creation. If everyone does his own, small part, together we can unmask his true face and intentions in regard to commercialism. O'Reilly argues that I am phlegmatic for wanting to disentangle people from the snares set by him and his acolytes. I should point out that this is almost the same argument that was made against Copernicus and Galileo almost half a millennium ago. He can't be trusted. Now take that to the next level: He is an opportunist. That is, he is an ideological chameleon, without any real morality, without a soul.

I realize that animalism is a tremendous problem in our society, but does it constantly have to be thrown in our faces? To ask that question another way, to what lengths will O'Reilly go to control what we do and how we do it? The answer is almost utterly obvious -- this isn't rocket science, you know. The key is that I want to live my life as I see fit. I can't do that while O'Reilly still has the ability to befuddle the public and make sin seem like merely a sophisticated fashion. Most law-abiding citizens disapprove of his methods. I trust that I have not shocked any of you by writing that. However, I do realize that some of my readers may feel that much of what I have penned about O'Reilly in this letter is heartless and in violation of our Christian duty to love everyone. If so, I can say only that O'Reilly justifies his thievery by saying things like, "It's for the good of society". In view of that, it is not surprising that O'Reilly's cause is not glorious. It is not wonderful. It is not good. Now that this letter has come to an end, I hope you walk away from it realizing that there's something wrong with this picture.

Re:Bill O'Reilly Is A Member Of The Nazi Party (0)

Anonymous Coward | more than 6 years ago | (#20173135)

Erm... What?

A New Obligatory?!? (0)

Anonymous Coward | more than 6 years ago | (#20172917)

Pretty soon the old obligatory comment "Yeah, but does it run Linux?" will be updated to read "Yeah, but does it run Linux (in at least one VM)?"

For someone not keeping an eye on this (1)

Bluesman (104513) | more than 6 years ago | (#20172931)

There seem to be a lot more options for "virtualization" lately than VMWare, but never having needed to use multiple OS's at one time, I'm clueless as to the details of how these all work. Are they taking advantage of some new functionality on Intel/AMD chips?

Is there some sort of overview for this stuff?

Re:For someone not keeping an eye on this (1)

Znork (31774) | more than 6 years ago | (#20174043)

Take a look at the virtualization [wikipedia.org] article at wikipedia. It covers most of the tech in a fairly good overview.

Re:For someone not keeping an eye on this (2, Informative)

empaler (130732) | more than 6 years ago | (#20174851)

Is there some sort of overview for this stuff?
http://en.wikipedia.org/wiki/Comparison_of_virtual _machines [wikipedia.org]
HTH :-)

Re:For someone not keeping an eye on this (1)

Bluesman (104513) | more than 6 years ago | (#20175653)

Ahhh, thanks. That and Intel's software developer docs helped out a lot.

Most of the web sites just show the little block diagram with a layer of virtualization between "hardware" and "The OS".

Re:For someone not keeping an eye on this (1)

empaler (130732) | more than 6 years ago | (#20175703)

NP :)
It's a bit of a jungle, really. As far as I can tell, Xen has the edge on HW-based virtualization. (I'm sure someone will correct me if I'm off)

TPM (1, Interesting)

Anonymous Coward | more than 6 years ago | (#20173021)

Amusingly, this + a mechanism for telling the hypervisor what programs to trust and how, was the original end goal of the whole TPM/palladium movement..

Love the drama (1)

Hellraisr (305322) | more than 6 years ago | (#20173033)

I personally love how the poster of the article invents a hypothetical security problem with a hypothetical and non existent hardware solution, at which point he/she discusses the details of a potential hypothetical hack.

Simple compute nodes (2)

tji (74570) | more than 6 years ago | (#20173073)

As others mentioned, similar things can be done now -- an IDE/Flash boot into a minimal hypervisor Linux for Xen or KVM. That would also allow some flexibility, to maybe run a few things directly on the hardware. I would be very interested in an approach like this for my home Linux server.

For larger enterprise uses, the really simple hypervisor is nice. Just slap another box in there, and it is quickly added to your compute cluster. If they do it right, that system could even net-boot and auto-install the latest hypervisor image when it's first added. Factor in VMWare's "VMotion" stuff, where VMs can be moved among compute nodes in a cluster, and that simple compute node, along with a big NAS, is really slick.

I don't want a hypervisor thanks (1)

Viol8 (599362) | more than 6 years ago | (#20173115)

Virtualisation I have no doubt is extremely useful in certain applications. I howerver have no use for it on any PC I own or work on. I exclusively use linux and I don't want Windows or OS/X or anything else running alongside it. I *WANT* my OS to have full control over the machine - its faster , its more flexible and theres less to go wrong (not to mention who's to say a hypervisor couldn't be hacked by a virus somehow?). I don't want some virtual hardware locked into the BIOS that may or may not have features enabled depending on what mood the hardware supplier was in one day.

Sure , if you want virtualisation have it as an add-on, but to have it added by default into the BIOS IMO is a slippery slope.

I was thinking that, too (1)

CdBee (742846) | more than 6 years ago | (#20173175)

I suppose a hpyervizor doesn't need or take control of hardware components the way an O/S would but even so, I'd be concerned that a virus if it could somehow get into the flash ROM (or be compulsorily included there by the US National Security Agency) might be undetectable to O/S based virus scanning as the Boot ROM doesn't appear as a mountable volume and is never checked....

Re:I don't want a hypervisor thanks (1)

dpilot (134227) | more than 6 years ago | (#20173275)

Virtualization is not just for multiple OS's.

One use you might be interested in is a security barrier. The base system boots, but very little really runs on it. Instead you start guest images, and the stuff runs under the guests. Compromise a guest and you haven't compromised the machine. In fact, one thing you might run on the host is an Intrusion Detection System that monitors the guests and shuts down any that might go rogue. Better yet, you could "freeze" the rogue by ceasing to schedule CPU cycles to it, and save the image for forensic analysis. A few reasons might be to run outside-facing services in guests, or run user accounts, or maybe just browsers in guests. I've been interested in this usage, but don't have powerful enough hardware, yet.

Another use is simply safety. There has been talk (and proof-of-concept) of "hypervisor worms" that tunnel under an existing OS and virtualize it. If you're not running some sort of hypervisor, you're vulnerable. If you are running some sort of hypervisor, its security should stop the worm from tunneling.

Smoke and Mirrors. (1)

twitter (104583) | more than 6 years ago | (#20173515)

Compromise a guest and you haven't compromised the machine.

What outside the "guest" is of any use to a desktop user?

I'm with the OP, I don't want Windoze or OSX so I don't want a non free VM getting between me and my OS or my OS and hardware. I don't have boot or power management problems with my OS, so the VM offers me nothing.

Re:Smoke and Mirrors. (1)

dpilot (134227) | more than 6 years ago | (#20173975)

Run your user account inside a guest, and at least the base OS won't get compromised, and you won't need to reinstall. Run your browser and/or email inside a guest inside your account, and you won't have to worry about virii or web nasties compromising your precious code and data. It's all about damage limitation/confinement.

I don't want a non-free VM, either. I'm figuring that right now Linux has so darned many virtualization options that whenever I have the right hardware, I can just pick one.

This also presumes that with the right hardware features, virtualization is cheap, in terms of cycles and disk space.

Re:Smoke and Mirrors. (1)

Sancho (17056) | more than 6 years ago | (#20174225)

Maybe the people who make operating systems should fix these problems WITHIN THE OS. Operating systems are supposed to do this anyway!

Re:Smoke and Mirrors. (1)

dpilot (134227) | more than 6 years ago | (#20174739)

They should. I just consider it another layer. By the OpenBSD philosophy, you don't need a firewall. I try and run my systems that way, but I use a firewall, anyway. I'm not sure exactly how many layers I'd like to have, I guess it depends on how expensive they are. But I do know that I want more than 1 layer, at least.

Awesome (0)

Anonymous Coward | more than 6 years ago | (#20174287)

It goes against my religion and I have no use for it, therefore it's worthless. Get rid of it, Smithers.

Re:I don't want a hypervisor thanks (2, Insightful)

EvilMagnus (32878) | more than 6 years ago | (#20173819)

Virtualization can be really useful to make sure you're making use of all available resources.

Consider a development environment. You might have ten developers, each with their own server. For most of the time, most of the capabilities of those development boxes are being unused, but they're still taking up space and power in your datacenter.

If you could virtualize those 10 dev boxes down to two or three bigger boxes, you could:
- save on space and power in your data center
- ensure you're using your available resources more efficiently (the cpus and RAM aren't idle most of the time; they're actually being used)
- makes it easier to 'add another box' to the mix if you get a new hire. Setting up a new dedicated (virtual) development server takes a matter of minutes, and can all be done in software for no additional cost. This is especially true if you keep all your server images and data on a shared network storage device (or hook the host OS box up to a SAN).

There's the increased risk of downtime from hardware failures, but buy the right boxes for the host OS and that's not a problem.

Dell's solution, if it works, would be really neat. It would probably simplify the act of virtualization even more, and means *none* of the host CPU or RAM is taken up running the VM server. It's all available for guest OS use.

Re:I don't want a hypervisor thanks (2, Interesting)

Uruz 7 (986742) | more than 6 years ago | (#20174099)

Aren't you being a bit selfish? If you don't want Windows or Mac then don't install them. It's likely that your BIOS has support for tons of things which you are not using nor forced to use. And since you're a Linux user, I'm sure you're aware of all the crap that you'll probably never have to enable in the kernel but it's there if you want it.

I'm not really sure what you mean by slippery slope either. Slippery slope to what? More features? I also don't think this is for the desktop market. I couldn't tell from the article but I assume this is meant for server class machines where virtualization is awesome for fairly cheap HA setups and having this come straight from Dell this way makes it that much easier to pitch to a guy with an MBA.

Re:I don't want a hypervisor thanks (1)

Viol8 (599362) | more than 6 years ago | (#20174647)

>I'm not really sure what you mean by slippery slope either. Slippery slope to what? More features? I

Completely undetectable viruses and worms, remote disablement of PC hardware , frankly anything you want to do with the maqchine if the hypervisor is compromised somehow since you won't ever detect it in the OS. An OS is called an Operating System because it operates the system. If its little more than some sock puppet on a hypervisor then whats its purpose other than a glorified scheduler?

Re:I don't want a hypervisor thanks (1)

jma05 (897351) | more than 6 years ago | (#20175461)

Suit yourself. I run Linux 95% of the time. But I find a VM very useful. Some of my hardware is Windows only or just a pain to set up on Linux. So I use Windows in a VM with USB support and it saves me the trouble of worrying about Linux compatibility for occational use devices. There are many niche tools that are Windows only. I don't know the technical implications of having the motherboard manage VT, but I am wondering if it makes providing better access to graphics cards from the VM. That could mean a solution to the last remaining challenge of VT - gaming.

Already happening in game console market (2, Informative)

wdnspoon (560602) | more than 6 years ago | (#20173139)

I think PS3s already get shipping with a built-in hypervisor to manage installing guest OSs in VMs on the console. Ostensibly it's a feature, but doing so has given them enough control to prevent access to accelerated graphics so people don't use the console to play games they downloaded and are instead forced to buy. There's certainly precedent for this, and we're sure to see a lot more of this in the future. Hopefully the PC market is competitive enough that Dell won't be restricting their own hypervisor to restrict certain hardware access, or only allow the use of VMs from "trusted" sources. If this is true, then this is excellent news.

reminds me of ... (5, Insightful)

Anonymous Coward | more than 6 years ago | (#20173149)

DRM (Score:3, Insightful)
by Frank T. Lofaro Jr. (142215) on Tuesday June 07, @05:12PM (#12751680)
(http://www.linux.com/)

They are doing this for DRM.

Their Hypervisor will enforce DRM, so even linux can't override it.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.

Any drivers in any OS level won't be able to circumvent the DRM, since
they'll just THINK they are talking to hardware, but will get virtual
hardware instead - and the Hypervisor won't let it read any protected
content through the virtual I/O, it will blank it out (e.g. all zero
bytes from the "soundcard") or something similar.

The drivers designed for the Hypervisor won't work in any higher level,
since they'll need to do a crypographic handshake with the hardware to
verify it is "real" and the hardware will also monitor bus activity so
it'll know if any extraneous activity is occur (as it would if it was
being virtualized).

Everything will have a standard interface to the O/S, so Linux will still
run but be very limited and slowed down - since only Windows will be
allowed "preferred" access to hardware, other O/S will be deliberately
crippled.

They'll say you can still run Linux.

Hardware manufacturers won't release specs, they'll say use the Hypervisor
and you can still use Linux.

You'll still need to buy Windows to use any hardware - Linux won't even
boot on the raw hardware.

MS doesn't care if Linux isn't killed - the above allows them lock in - no
windows - your PC won't boot - since nothing but the Hypervisor will know
how to talk to the IDE card, etc.

What about manufacturers that want to support open interfaces, etc?
Microsoft will deny them a key which they will need to talk to the
Hypervisor - and the Hypervisor will refuse to talk to them.

Support anything other than solely the Hypervisor and you can't use the
Hypervisor. No Windows - lose too many sales.

And they can say other O/S's are still allowed.

They'll just not be able to give you freedom to use your hardware as you
see fit (DRM, need to pay more to get software to unlock other features
on your hardware), only Windows will run well, and you need a Windows
license and Hypervisor for every PC or else it is unbootable.

Reality check (3, Insightful)

Wesley Felter (138342) | more than 6 years ago | (#20173841)

Let's be clear; Dell is talking about servers with built-in hypervisors. Extrapolating these plans to desktop PCs is just unfounded speculation.

Their Hypervisor will enforce DRM, so even linux can't override it.

Servers don't care about DRM.

They'll make it so all device drivers must be signed to go into the
Hypervisor which will be the only thing with any I/O privs that aren't
virtualized.


OK, this is true. ESX requires special drivers.

They'll make it so new hardware has closed interfaces and can only be
supported by a driver at the Hypervisor level.


On the contrary; Dell has been driving companies like Broadcom and Adaptec to open up and offer open source drivers. AFAIK the only reason we have the tg3 driver is because Dell told Broadcom to provide Linux drivers.

Re:reminds me of ... (0)

Anonymous Coward | more than 6 years ago | (#20174055)

Wow, that sucks. Kind of makes me want a Mac. Oh I did get a Mac. Not to say Apple is holy or above screwing its users and doing something like that too... But it probably won't get that bad, and there's going to be work-arounds and alternatives, or collecting older PCs as a hobby will get more popular, or we'll start using Sun's hardware or something. But then again, if a lot of big company DRM'd stuff, and if they can shut down piracy of it. Good for them. Then you can ask if Generic-Plot-Rehash #6 with Original-Twist #4 is worth paying $5 to see or not, and then people will refuse to pay for garbage, and instead opt to go read books and get smarter and free/open source will be popular and all the evil monopolies and governments will fall as the newly enlightened masses rise up and right the wrongs with their newly discovered awareness and wisdom.

Re:reminds me of ... (1)

Pitawg (85077) | more than 6 years ago | (#20174929)

Agreed. Completely.

Being closer to a theorist though, I am looking at the Hypervisor taking part in the new unconstitutional legal system, where the hardware will also provide a virtual snoop. GWBOS will boot from the network, no local files needed, and potential for mass observation.

You thought Sony's root kit was something? Try the hardwired version in the hardware.

You can call people crazy for this kind of conjecture, but now it is all "legal" for the moment. What executive orders or classified "requests" are being fed to hardware makers as you read this? I am not trolling for political screamers. There is now a law on the books this very moment that would allow this type of thing.

Please, do not make this the only option (5, Interesting)

querist (97166) | more than 6 years ago | (#20173173)

This frightens me on so many levels that it is difficult to know where to start. Unless that hypervisor is burned into a non-rewritable form of storage (e.g. ROM), it will be subverted.

As it has been demonstrated at Black Hat by the illustrious Ms. Rutowska, (as well as being fairly obvious to anyone familiar with hypervisors) a hypervisor is below the OS and can be impervious to the OS's probing, but it still lies between the OS and the hardware.

Properly implemented, this could be a very good thing. With no disrespect intended toward Dell, I suspect that the first several implementations (at least) will leave the resulting systems vulnerable to subversion, and this subversion would be difficult, at best, to detect.

This is an interesting concept, and it could be used for "good", but as the saying goes "the devil is in the details". The idea is good, it is the potential implementation that worries me.

Full Disclosure: I have a Ph.D. (2006) in InfoSec.

Re:Please, do not make this the only option (0)

Anonymous Coward | more than 6 years ago | (#20173799)

Full Disclosure: I have a Ph.D. (2006) in InfoSec.

wow! you know as much as most guys who've been in the field since 2005 without the fancy degrees.

Re: Please, do not make this the only option (1)

Dolda2000 (759023) | more than 6 years ago | (#20173831)

[...]I suspect that the first several implementations (at least) will leave the resulting systems vulnerable to subversion, and this subversion would be difficult, at best, to detect.
I know! Whatever will happen to my CVS servers?

Re:Please, do not make this the only option (2, Insightful)

Wesley Felter (138342) | more than 6 years ago | (#20173915)

So where are all the ESX exploits?

Re:Please, do not make this the only option (1)

miffo.swe (547642) | more than 6 years ago | (#20175507)

I work pretty much with vmware and it does have its fair share of quirks and bugs. Sometime drivers (on the host side) stops working, hostmachines wont start when stopped/started but after having reset the host instead five times?? That for med suggests that bugs arent absent. Some of theese bugs are probably possible to use for exploits. My strong suspicion is that vmware isnt at all that safe but for now its much easier to break into the Windows machines running as guests directly instead.

Re:Please, do not make this the only option (0)

Anonymous Coward | more than 6 years ago | (#20174013)

OH.... You have a Ph.D.

Well then I'll have to show you how to run this......

Re:Please, do not make this the only option (1)

charlesnw (843045) | more than 6 years ago | (#20174757)

Um. Huh? What? Why will this be subverted? You mean at the factory? How is this any different then other virtulization solutions? The problem with being to focused on security and theory (which seeing that you just got your Phd means you have been for several years) is that you tend to forget real word details. Any system isn't 100% secure. We know that. So what is the point of bringing this up? Virtulization is a very useful technology in a whole lot of areas. Especially security. Makes it much easier to seperate out functions etc. Please don't spread any more FUD then is already in the world.

No Vista Basic or Premium (1)

MSRedfox (1043112) | more than 6 years ago | (#20173603)

For Vista, the only option OS wise will the the more expensive models. Both Vista Basic and Premium aren't allowed to run on any kind of VM. I guess that will limit Dell's usage for home users.

Not sure what the big deal is (2, Interesting)

Sloppy (14984) | more than 6 years ago | (#20173739)

It's easy to see how moving more stuff from the disk to flash is "slicker" and can make things load a little bit quicker (but seriously: how much? I doubt transferring hypervisors, kernels, or boot managers (e.g. grub) from disk is a major factor in boot times). But what's so special about hypervisors? Forget making this "solution" so specific. Just build a few dozen megabytes of disk-like (bootable) flash into the board, and let the user decide if they just want to use it for a hypervisor, or move a whole bunch more stuff into there in an effort to try to get their modern machine boot as fast as an Amiga.

The one thing that it occurs to me that such an answer would really help with, is working around a certain (dumb) Linux limitation. Booting off EVMS is tricky (or at least it was, last time I looked). Move your boot off-disk, then you can EVMS your whole disk.

And what's this about "security?" The article doesn't explain why it mentions security, and that's not a surprise, because there's no reason it would be more secure. As other have pointed out, "security" is obviously being used as a codeword for something very, very different (i.e. having the machine serve someone else's interest (e.g. MPAA) at the expense of the user's interest).

Re:Not sure what the big deal is (1)

imgunby (705676) | more than 6 years ago | (#20174361)

(but seriously: how much? I doubt transferring hypervisors, kernels, or boot managers (e.g. grub) from disk is a major factor in boot times).


I'm not sure about how it would affect overall boot time, but as to the how much... milliseconds compared to nanoseconds. It's a considerable speed boost, but again, I don't think it would dramatically improve boot times.

Lame shorthand (1)

Thaelon (250687) | more than 6 years ago | (#20174073)

Dell Considers Bundling Virtualization on Motherboards

There, fixed that for you. Asshat.

Re:Lame shorthand (0)

Anonymous Coward | more than 6 years ago | (#20174751)

by Cockmonster (250687) on Thursday August 09, @04:01PM (#20174073)

There, fixed that for you. Asshat.

What this is all (ultimately) about: (1)

The Master Control P (655590) | more than 6 years ago | (#20174763)

Forcing me (the computer's owner) to give up control of the lowest level of my computer. At which point they [Computer makers + Media corporations + MS] will be free to insert every kind of phone-home rootkit, DRM, "trusted" computing and other shit they want. Of course, they will because it's in their financial interests to be able to force you and me to pay any price they want, no matter how extortionate it may be. And since they've forced me out of the bottom-most level, there's nothing I can do to get rid of it.

And oh, there will of course be bugs in it. Exploitable bugs. Which crackers will use to pwn me with no possibility of ever being able to secure myself against them, because I can't uninstall the shit they're taking advantage of or block them out.

Virtualization: Good.
Without me at the helm of the root VM: No thank you, let's not ever go down that path. Ever. In fact, hell no.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...