Dear Jann,
* Jann KRUSE [2017-11-28 21:23:54 +0000]:
Update: Have been exploited... (And you wouldn't even realize it!) https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-...
as you correctly pointed out below, the real problem is not unintentional occurrence of exploitable bugs: this is normal on all OSs and can be addressed (with various level of difficulty, **very** hardly in this case)
«To root, or not to root, that is the question:» who have root access to the hyper-hyper-visor?
this soon leads to the following questions:
1 is root access documented anywhere on earth? 2 how can I manage the root password in order to be compliant with national mandatory security regulations? [1]
mumble, mumble...
[...]
In short: We are essentially being forced, without even being told, to run buggy proprietary code in a very powerful and very capable hyper-hyper-visori
very nice executive ultra-summary thanks! :-)
Ciao Giovanni
[1] https://en.m.wikipedia.org/wiki/Cyber-security_regulation there are a **lot** of mandatory regulations considering password management _vital_ to the security of IT infrastructure