The Virtualization Room

A SearchServerVirtualization.com and SearchVMware.com blog

» VIEW ALL POSTS May 7 2012   8:51PM GMT

No additional VMware source code leaked on May 5



Posted by: Beth Pariseau
Tags:
Virtualization security

When an Anonymous hacker leaked a page of VMware’s source code along with other documents from a compromised Chinese company in early April, he threatened that the leak was “just a preview,” and that more documents were coming on May 5.

Then, the hacker claiming responsibility for the leak reportedly told Kaspersky Labs’ Threatpost blog that among those files, a terabyte in all, there were 300 megabytes (MB) more VMware source code.

Thus, it was widely anticipated by the VMware community (including this blog) that 300 MB of VMware source code would be released on Saturday.

On May 3, VMware rushed out a bunch of critical patches for ESX, ESXi, Workstation and Player, heightening the anticipation.

The big day has now come and gone, however, and there was nary a whisper of VMware’s name on various Twitter accounts associated with the initial leak. If 300 MB more source code did hit the Internet this weekend, it was done with far less public fanfare than the “sneak preview” received.

Users say the lack of leak doesn’t change much about their outlook on the situation.

“These types of hackers are criminals, and criminals aren’t known for keeping their word,” said Bob Plankers, a virtualization architect at a large Midwestern university. “There are a number of security updates now available for nearly every version of vSphere and its predecessors, so at the least it looks like VMware took the issue seriously on all fronts.”

Trying to guess at what happened means trying to figure out the agenda of a hacker, which is nearly impossible to do, said Edward Haletky, CEO of The Virtualization Practice LLC. It might have been that the wide-ranging publicity the initial leak received was all he was looking for.

“It could’ve been truly just about awareness, saying, ‘hey, you know, this code really isn’t private anymore’,” Haletky said. “There could be a million and one reasons.”

The fact that there was no obvious code release on May 5 shouldn’t make much difference to VMware pros, Haletky said. They should still apply VMware’s new patches and keep up with security best practices. “The answer still is to prepare for such things…do the defense in depth, do the research…if it happened once, it could happen again.”

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: