Most of you are probably aware that Apple recently released Boot Camp, software which allows an Intel Mac owner to easily setup booting into either Mac OS X or Windows XP (apparently Linux also works fine, NetBSD has some issues though). There has been quite a lot of chatter about this in the mass media circles. In geekier circles, another product got some attention: Parallels Workstation. Parallels Workstation is a virtual machine system that allows you to run Windows inside of Mac OS X (only on an Intel Mac), similar to Virtual PC except much faster. This is a pretty exciting technology so I went ahead and downloaded the Linux version and took a look at it.

The results worried me. What I found looked like a wide open invitation to very serious exploits. Through my job I have gained a fair amount of understanding of the x86 architecture, operating systems in general, and virtualization technologies. At the risk of being overly immodest, I consider myself to be an expert in the combination of these three concepts with respect to security (Note: I am certainly not an expert in any one of them individually). I've been debating whether or not I want to post on this subject for the past few days, but today I saw a New York Times article singing the praises of Parallels' product and decided I should get out my soap box and bore you all to tears with some serious geekery.

Long story short: based on a partial source code analysis of the Linux version of Parallels Workstation, I would not install this product on any system that I really care about (i.e. one that houses sensitive data or from which I access the outside world on a regular basis). It is certainly an interesting product and I may install it on a spare test machine, but I foresee major security concerns and so would keep it off important systems. For those of you who want more information, follow the cut below.

Ok, I'm off the soap box and going to get lunch.