Virtual Machines

Vol. 2 No. 5 – July/August 2004

Virtual Machines

A Conversation with James Gosling:
James Gosling talks about virtual machines, security, and of course, Java.

As a teenager, James Gosling came up with an idea for a little interpreter to solve a problem in a data analysis project he was working on at the time. Through the years, as a grad student and at Sun as creator of Java and the Java Virtual Machine, he has used several variations on that solution. “I came up with one answer once, and I have just been repeating it over and over again for a frightening number of years,” he says.

Security is Harder than You Think:
It’s not just about the buffer overflow.

Many developers see buffer overflows as the biggest security threat to software and believe that there is a simple two-step process to secure software: switch from C or C++ to Java, then start using SSL (Secure Sockets Layer) to protect data communications. It turns out that this naïve tactic isn’t sufficient. In this article, we explore why software security is harder than people expect, focusing on the example of SSL.

by John Viega, Matt Messier

Without a NULL That String Would Never End:
N-streak, 1-streak, worra streak

It’s an undiluted pleasure to be invited to contribute a third column for ’ACM Queue’ under the surly rubric “Curmudgeon.” Curmudgeons are not usually associated with pleasures, diluted or full strength, but at my age the cheap thrill of thrusting a poisoned pen is especially welcome since the targets for satire bob daily as upstart sitting ducks for the roasting: mere “Juvenal delinquents,” as master curmudgeon George Crabbe [sic] called them.

by Stan Kelly-Bootle

Leveraging Application Frameworks:
Why frameworks are important and how to apply them effectively

In today’s competitive, fast-paced computing industry, successful software must increasingly be: (1) extensible to support successions of quick updates and additions to address new requirements and take advantage of emerging markets; (2) flexible to support a growing range of multimedia data types, traffic flows, and end-to-end QoS (quality of service) requirements; (3) portable to reduce the effort required to support applications on heterogeneous operating-system platforms and compilers; (4) reliable to ensure that applications are robust and tolerant to faults; (5) scalable to enable applications to handle larger numbers of clients simultaneously; and (6) affordable to ensure that the total ownership costs of software acquisition and evolution are not prohibitively high.

by Douglas C Schmidt, Aniruddha Gokhale, Balachandran Natarajan

Simulators: Virtual Machines of the Past (and Future):
Has the time come to kiss that old iron goodbye?

Simulators are a form of “virtual machine” intended to address a simple problem: the absence of real hardware. Simulators for past systems address the loss of real hardware and preserve the usability of software after real hardware has vanished. Simulators for future systems address the variability of future hardware designs and facilitate the development of software before real hardware exists.

by Bob Supnik

Building Systems to Be Shared, Securely:
Want to securely partition VMs? One option is to put ’em in Jail.

The history of computing has been characterized by continuous transformation resulting from the dramatic increases in performance and drops in price described by Moore’s law. Computing power has migrated from centralized mainframes/servers to distributed systems and the commodity desktop. Despite these changes, system sharing remains an important tool for computing. From the multitasking, file-sharing, and virtual machines of the desktop environment to the large-scale sharing of server-class ISP hardware in collocation centers, safely sharing hardware between mutually untrusting parties requires addressing critical concerns of accidental and malicious damage.

by Poul-Henning Kamp, Robert Watson

The Reincarnation of Virtual Machines:
Virtualization makes a comeback.

The term virtual machine initially described a 1960s operating system concept: a software abstraction with the looks of a computer system’s hardware (real machine). Forty years later, the term encompasses a large range of abstractions?for example, Java virtual machines that don’t match an existing real machine. Despite the variations, in all definitions the virtual machine is a target for a programmer or compilation system. In other words, software is written to run on the virtual machine.

by Mendel Rosenblum