The expert believes that it is time
Posted: Wed Feb 12, 2025 9:40 am
Gvisor's testing revealed a number of shortcomings. In some situations, it performed similarly to Docker, but there was a moment when it was significantly inferior. Bottomley suggests that this was because gVisor rewrote the Linux system call interface in Go in order to strengthen the isolation layer, but this caused an increase in the number of system calls from the Go runtime, which led to a decrease in gVisor's performance. Additional system processes affect the security of the hypervisor, and, according to Bottomley, Google needs to improve it.
to stop arguing about which technology is more secure — container or VM — both have the same degree of protection against the most dangerous vulnerabilities. “Our next step is to completely eliminate the malaysia whatsapp data of malicious applications, and for this we need to move on to fuzz testing,” he believes. This testing technique involves passing incorrect, unexpected or random data to the application as input. The subjects of interest are crashes and freezes, violations of internal logic and checks in the application code, memory leaks caused by such input data.
Containers vs. Virtual Machines: Which is Safer?
James Bottomley
James Bottomley
Experts have long been unable to agree on which of these two technologies is more secure, but IBM has taken on the task of clarifying the situation. James Bottomley, an engineer at the company's research division and a Linux kernel developer, wrote in his blog that these discussions can hardly be called fruitful, since the level of security of containers and virtual machines (VMs) has often been measured not by means of comparative analysis, but empirically (saying that "hypervisors are more secure than containers because of the implementation of the interface").
to stop arguing about which technology is more secure — container or VM — both have the same degree of protection against the most dangerous vulnerabilities. “Our next step is to completely eliminate the malaysia whatsapp data of malicious applications, and for this we need to move on to fuzz testing,” he believes. This testing technique involves passing incorrect, unexpected or random data to the application as input. The subjects of interest are crashes and freezes, violations of internal logic and checks in the application code, memory leaks caused by such input data.
Containers vs. Virtual Machines: Which is Safer?
James Bottomley
James Bottomley
Experts have long been unable to agree on which of these two technologies is more secure, but IBM has taken on the task of clarifying the situation. James Bottomley, an engineer at the company's research division and a Linux kernel developer, wrote in his blog that these discussions can hardly be called fruitful, since the level of security of containers and virtual machines (VMs) has often been measured not by means of comparative analysis, but empirically (saying that "hypervisors are more secure than containers because of the implementation of the interface").