A virtual machine might have several decks “at hand” which could be placed in the card reader or passed to other virtual machines. Such IO served many of the purposes that Unix puts pipes to. Printers (600 line per minute mechanical and noisy) were virtual and often mapped to a real printer via print queues. OBDwiz is the automotive diagnostic software that is included with every ScanTool.net PC-based scan tool. It is a breeze to install, easy to use, and is packed with features. Use OBDwiz to troubleshoot a problem with your vehicle, improve fuel economy, clear the 'Check Engine' light, and verify emissions readiness.
Audi-VW-Skoda-Seat Elsawin 4.0. Description: Elsawin 4.0 is offered with full information on repair basically on new automobiles 1986-2011, electric schemes 1992-2009. In new versions of programs,it adds the information not only on new, but also on old machines. For normal work of the program it is. Alan: That is a very important piece of news, because when you start doing backups, especially in large corporations, being able to move datasets from one machine to another machine, to a virtual machine, from a virtual machine to a physical machine, is where it's at, now. Stephen: You might want to think of 2006, as 'the boom of virtual.
by Kenny Kuchera
The goal of this article is to get you started hacking cars — fast, cheap, and easy. In order to do this, we’ll spoof the RPM gauge as an example.
The following is by no means an exhaustive tutorial. It instead aims to provide just enough information to get you up and running. If you want to dig deeper you can checkout the must-reads at the end.
If you decide to carry out this tutorial in real life, you’ll need a Linux computer (or a virtual Linux machine), and a CAN-to-USB device (which we’ll look into later).
A car is a network
A car consists of multiple computers to control the engine, transmission, windows, locks, lights, etc. These computers are called electronic control units (ECU) and communicate with each other over a network.
For example, when you press the button on your steering wheel to increase the volume of the radio, the steering wheel ECU sends a command to increase volume onto the network, the radio ECU then sees this command and acts accordingly.
There are multiple networks in a car, generally at least two:
- One for critical data such as engine and powertrain messages
- And one for less critical data such as radio and door locks
The critical network uses a fast and reliable protocol whereas the non-critical network uses a slower, less reliable but cheaper protocol. The number of networks as well as which ECUs are networked together depends on the car make, model and year. An ECU could also be connected to multiple networks.
Connecting to a network
Some networks can be accessed via the OBD-II port. OBD-II is mandatory on all cars and light trucks built in the US after 1996 and Europe after 2004.
The connector is in arms reach of the driver’s seat. You might need to lift off some plastic cover but it is always accessible without tools.
The OBD-II standard allows for five signaling protocols. It’s up to the manufacturer to decide which one to use. CAN is the most popular one and is what we will discuss. It is accessible via pins 6 and 14 of the OBD-II connector. If your car has a CAN bus, you will see metal leads on the pins as in the image above.
The CAN bus is a reliable, high speed bus that is used to send critical data. Unfortunately the data packets on the bus are not standardized so you will need to reverse them to know what they mean. The OBD-II standard also leaves room for vendor specific pins that can be used for vendor specific protocols. This makes it easier for the dealer to diagnose problems.
On my car (GM), I have a standard CAN bus on pins 6 and 14, and a vendor specific single wire CAN bus on pin 1. The standard CAN bus is a reliable, high speed (500 kbps) protocol also referred to as high speed CAN (HS-CAN). It is used for critical data. The single wire CAN bus (SW-CAN) or GMLAN is slower (33.3 kbps) and less reliable but cheaper since it only uses one wire. This bus is used for non-critical data.
If you see a vendor specific pin and don’t know which protocol is being used, Google “<make> OBD pinout”. There is also low speed CAN (LS-CAN) and medium speed CAN (MS-CAN). MS-CAN is generally on pins 3 & 11, running at 125 kbps on Ford and Volvo cars.
Tools
You will need both a device that’s capable of interpreting CAN data as well as software to analyze the data
Hardware
In order to receive and transmit CAN packets, you need a device that is capable of this. You will often come across ELM327 based devices. While these have their use, they are terrible for hacking. They are way too slow to monitor the CAN bus.
There are also high-end devices like Kvaser, Peak or EMS Wünsche. These will get the job done but are overkill and pretty expensive.
Some high-end devices also require you to purchase software along with it. The USB2CAN is a native CAN interface for Linux that offers great value for money.
You could also use Cantact or CANUSB. However these aren’t native CAN devices in Linux and use an ASCII based protocol. This means that they are slightly more complicated to set up and have lesser performance. On the other hand, they are well supported across multiple operating systems.
I use CANalyze which I’ve designed for my needs. It is similar to USB2CAN in that it’s an affordable native CAN interface but it uses a newer micro controller, is open source and can be built using open source tools. The rest of this tutorial assumes you are using a native CAN interface.
Software
To communicate with the device you need to install the can-utils package on your Linux machine. You can do this via by typing the following into the Linux prompt:
Can-utils makes it extremely easy to send, receive and analyze CAN packets. These are the commands that we will use.
- cansniffer display only the packets that are changing
- candump dump all received packets
- cansend send a packet
Linux has CAN support built in to the kernel via SocketCAN. This makes it easy to write your own additional programs. You can interact with the CAN bus in the same way you would interact with any other network i.e. via sockets.
CAN bus
Before you start reversing, you should have some understanding of how the CAN bus works. It consists of 2 wires and uses differential signaling. Since it’s a bus, multiple devices can be connected to these two wires. When a CAN frame is sent on the bus, it is received by all ECUs but is only processed if it’s useful for the ECU. If multiple CAN frames are sent at the same time, the one with the highest priority wins. A CAN frame has 3 parts that are relevant to us.
- arbitration identifier The identifier of a message. An ECU uses it to decide to process or ignore the received frame. It also represents the message’s priority. A lower number has a higher priority. So for example, if you’d be an engineer designing the network, you would give the frame for the deployment of airbags a very high priority or a low arbitration ID. On the other hand you’d give a lower priority or higher arbitration ID to data meant for the door locks.
- data length code (DLC) Indicates the length of the data field in bytes. A CAN frame can have at most 8 bytes of data.
- data field Contains up to 8 bytes of data.
Reversing the CAN bus
The general approach to reversing the CAN bus is to generate the behavior you want to mimic and find the message that causes that behavior. For example, lets say the lane keeping assist system (LKAS) on your car is crap and you’ve made your own.
In order for it to control the steering, you need to know what messages to send. The way to figure this out is to turn on the original LKAS, monitor the CAN bus and identify the packets responsible for turning the steering wheel. Once you have identified these packets, you can have your own LKAS send these packets onto the CAN bus to control the steering wheel.
In our case, we want to spoof the tachometer so we need to change the RPM by stepping on the gas with the car on and in neutral and then try to find the packet responsible for changing the RPM.
Setup
Plug the CAN device into the car’s OBD-II port and the computer’s USB port. Bring up the CAN interface by running the following in your Linux prompt:
which brings up the can0 interface (always can0 if you only have one device connected) at a bit rate of 500 kbps, which is standard.
Identify
When the car is off, the ECUs are usually sleeping so you need to turn on the car or put it in accessory mode. You can look at raw CAN data by running this in your Linux prompt:
This prints CAN data to the screen as soon as it is received. This however is very unorganized and it is very difficult to see what packets correspond to a certain event. You can press ctrl+c to stop the program. To make the data more readable we use cansniffer which groups the packets by arbitration ID and only shows the packets that are changing. In order to start it run the command in your Linux prompt:
where -c colorizes the changing bytes and can0 is the interface to sniff. It takes a few seconds to remove the constant packets.
You should see something similar to the image below, though the numbers will probably be completely different.
The first column (delta) shows the rate in seconds at which the packets with that arbitration ID are being received. The second column (ID) contains the arbitration ID. The remaining alphanumeric columns (data …) contain the data bytes. If the data has an ASCII representation, it can be seen to the right, otherwise it’s a dot.
When you step on the throttle with the engine running in order to increase RPM, there might be new CAN messages appearing on the screen and/or existing ones changing.
We need to find a CAN message where the changing bytes correlate to the change in RPM. We can probably expect that the value will increase/decrease as the RPM increases/decreases.
The first CAN frame in cansniffer that seems to vary with RPM is the frame with arbitration id C9. There are probably multiple potential packets that vary with RPM, this is just the first one.
There are 4 bytes that are changing (colored red) in this message but not all of these necessarily indicate the RPM. Variations in the third byte 07 don’t seem to correlate to varying RPM. The last byte 1B does.
However, as soon as we take our foot off the throttle, it goes to 00 . This would indicate that it represents the throttle position and not the RPM.
Finally there are the two bytes 21 C0 that do seem to correspond to a change in RPM. More so, it varies as a 16 byte integer i.e. when the second byte C0 overflows, the first byte 21 gets increased by one. Also it seems that 21 corresponds to roughly 2000 RPM. This is good to note when you will replay the message.
Replay
Once you have a candidate, send it onto the CAN bus with the following command in your Linux prompt:
where the frame has the format <arb_id>#{data} and must be substituted with your own CAN message.
Your car can be running or in accessory mode for this. Be sure to use a packet that you obtained when the engine was non-idle or else you won’t see anything change when replaying it while your engine is idle.
If you just send the packet once, you will probably not see anything change on the instrument cluster. This is because the original message is still being sent continuously on the bus at 0.2 second intervals by the ECU so your message will just be ignored.
Recall that the rate is given in the first column of cansniffer. There are two ways to get around this aside from disconnecting the ECU that’s generating these messages. One option is to send the packets at a much higher frequency than the ones currently being sent. You can do this by running the following in your Linux prompt:
and substituting the CAN message with the one you’ve identified. Press ctrl+c to stop.
Another option is to monitor the bus, and every time you detect the packet that you want to spoof, send your own packet out immediately after. This can be done by running in your Linux prompt:
where you need to substitute the CAN message and 0C9 with CAN message you identified and it’s arbitration id respectively. You can experiment with both approaches to see which one works better.
If the tachometer changes, good job, you found it! If not, identify the next message that correlates to RPM and replay it.
Fuzzing
Now that you have the CAN frame that sets the RPM on the instrument cluster, you can play with the data that you send to see what happens. We have noted that the the two bytes that correspond to RPM behave as a 16bit integer so in order to set the tachometer to 8k RPM, we run the following in your Linux prompt:
and the result is…
That’s it! You can now try controlling the speedometer, radio, lights, door locks, etc. using the same approach.
Possible issues
- While the CAN bus is the most popular network, it’s not the only network. If you can’t find the message you are looking for on the CAN bus, try a different network. Especially non-critical messages such as radio, lights and door locks will probably be on a different network.
- As mentioned the exact data transmitted over CAN depends on the car’s make, model and year. Some cars use a counter in the CAN message to ensure the same message isn’t processed multiple times. This is slightly more difficult but you should be able to do it with the provided information. Some cars also use a checksum to ensure integrity of the data. Calculating this checksum can be difficult. If you have a Toyota, check out Adventures in Automotive Networks and Control Units, p10, Checksum-Toyota. Everyone should really read the whole paper.
- When replaying the identified packet on the bus, your CAN to USB device might go into the “bus off” state. This is part of the CAN standard and happens when the device experienced too many errors. This generally happens when there is a lot of traffic on the bus. In order to get around this you can play with delays and timing, maybe try replaying the message immediately after putting the car in accessory mode, try waiting a bit, try it with the car on, etc. If you’ve identified what ECU’s are connected to the bus, you can also pull their fuse to stop them from sending messages and lower the traffic on the bus.
Must reads
- Charlie Miller’s and Chris Valasek’s research, yes all of it
- University of California San Diego’s and University of Washington’s research.
Be sure to also check out Open Garages and their videos.
|
Transcript of Episode #57 |
|
| Virtual PC versus VMware Description: Steve and Leo wrap up their multi-week series about virtual machines and virtual machine technology by closely analyzing the differences and similarities between the free and commercial VM products offered by Microsoft and VMware. High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-057.mp3
Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-057-lq.mp3 |
| Leo Laporte: Bandwidth for Security Now! is provided by AOL Radio at AOL.com/podcasting. This is Security Now! with Steve Gibson, Episode 57 for September 14, 2006: Virtual PC. Security Now! is brought to you by Astaro, makers of the Astaro Security Gateway, on the web at www.astaro.com; and by Dell (for this week's specials visit TWiT.tv/dell); and by Visa – safer, better money. Life takes Visa. All right, get your tinfoil hats out, everybody. It's time for Security Now!. Protect yourself online. And here he is, the king of the tinfoil hats, Mr. Steve Gibson. Some people accuse you sometimes of that, of being too worried about security. But that's your job. |
| Steve Gibson: Well, and we've talked about that, too. The idea is, what we're trying to do is not to tell people they need to worry, but to educate people about what there would be to worry about if they wanted to worry. I mean, I'm not saying, oh... |
| Leo: Okay, there is a distinction there. |
| Steve: You know, yeah. I'm not saying, oh, no, the sky is falling. I'm saying, okay, well, now, see that crack up there, you know, in the sky? Well, keep your eye on that because, you know, if that crack gets any bigger, then maybe you do want to go indoors. |
| Leo: That could be a problem down the road. |
| Steve: Yeah. Well, and for example, you know, we talk about spyware. People understand. Some people aren't victims of it; some people are, you know, repeatedly being buried by this stuff. So, you know, so certainly there's a wide spectrum of sentiment and of experience and exposure. I mean, you know, this is a big planet, and all kinds of things going on. So if nothing else, people being appraised of what's happening, I think, is, you know, is our job. And, you know, and certainly we have some obligation to put it into context. For example, this is – we're recording this just after Patch Tuesday, the second Tuesday of the month, where Microsoft releases their news of new problems. And so, you know, there were a bunch. Several are critical. So if people aren't running Windows Update, they might want to just go over to the Start menu and run it from there to download the latest updates to their copy of Windows and feel a little more secure. |
| Leo: There was a serious Office problem this time out. |
| Steve: Yeah, and a couple older problems were revised with new critical ratings. So, you know, there's more to do. Always more to do. |
| Leo: Always more to do. Well, let's – one of the things we've been doing, and this is not really a scare story, this is actually kind of a happy story, is talking about virtualization technology. And we're going to get to our wrap-up of virtualization technology, cover kind of some of the things we haven't mentioned yet. But before we do, I do want to remind you that Visa is a sponsor this month on the TWiT network, and we really appreciate their support on all of the shows, including Security Now!. As you know, Visa works very hard to keep your information safe and secure. It's one of the reasons they particularly wanted to be on your podcast, Steve. They also remind all of you that, if you're going to, I think just like Steve was just saying, you know, if you've got a credit card of any kind, you want to consider a few things to protect yourself. For instance, pay attention to what's going on with your Visa. You want to go online and look at your statement, or look at your paper statement when it comes each month. In fact, do it as often as you can to monitor transactions, make sure nothing unusual or out of the way is happening. Do sign your Visa card on the signature panel. Visa also says, if you choose a PIN for your Visa card, choose one that's unique, secret, and don't write it on anything. Memorize your PIN. And here's an important one. Keep financial information secure. Don't even let family members, friends, or neighbors see it. And shred it before discarding. Most information doesn't occur online, but in fact occurs in the real world from people finding your hard copy and using it. Just some important security tips from the card I recommend you use online. Safer, better money. Life takes Visa. Virtualization. Do you want – should we redefine it, just so that people who've missed the last few podcasts know what we're talking about? |
| Steve: Well, as I promised last week, and I think I even mentioned it the week before, one of the things that I wanted to do this week was to address Microsoft's Virtual PC offerings, both their Virtual PC and their Virtual Server, because readers had written in saying, hey, you know, that's free now. How does it compare to the others? So that's going to be the main thrust. And this is essentially our wrap-up of the whole virtual machine topic. We got into this whole virtual machine issue sort of from the, well, directly from the security aspect because there are many useful applications for contemporary virtual machine technology. And we've talked about VMware as being sort of, in many ways, the granddaddy, the heavyweight of virtualization. And then, based on my survey of the industry, Sandboxie we talked about as a much lighter weight solution which allows you to create application sandbox to contain things you're doing that may be dangerous and prevent them from making any permanent changes to your system. Actually I got a very nice note from the author of Sandboxie, thanking us for our mention and being really pleased. Apparently lots of people went over and are exploring, you know, that possibility. |
| Steve: So just, you know, to give a brief, uh... |
| Steve: Recap. That's the word I was looking for. A brief recap. The whole concept is that machines are so powerful now, I mean, they actually have, you know, excess processing power that most of the time are not being used unless you're really, you know, like compressing video or doing huge database sorts or something. This excess capacity and the features in the hardware that enable the machine to emulate itself, you know, the idea being that you could open a window that looks like it's its own machine booting, and into that window you can install another operating system. So it's an operating system literally running within an operating system, sort of nested that way. And there are many applications for that. One of the things that people are beginning to think about since Vista is on the horizon, Microsoft's next-generation operating system, is, well, maybe using a virtual machine to install and just poke around at Vista, rather than, you know, committing major hardware or going through all the trouble of dual booting and so forth in order to have that sort of experience. So there's the idea of experimenting with operating systems by installing them within a virtual machine, where you're not committed in any way to keep it. It's just a nice sort of experimenting containment. And then there's the security side because anything that's done in the virtual machine stays in the virtual machine unless you deliberately take some action in order to make it permanent or, like, move a file that you downloaded from the virtual machine environment into your hosting environment. |
| Leo: It's kind of like Las Vegas. What happens in the virtual machine, stays in the virtual machine. |
| Steve: Exactly. That was the analogy I was drawing. So what happened in the case of Microsoft is, it's interesting because the two major heavyweight virtual machine technologies are VMware and what Microsoft now has called Virtual PC. There are, as we've mentioned sort of glancingly before, there are other things. There's Xen; there's something called QEMU; there's Bochs; there's, you know, many other projects which are sort of, you know, they're often open source projects. They're over on SourceForge. They're typically a small team of people who are just sort of this is what they want to do, they want to experiment with emulating the Intel processor on other platforms. And so there are processor emulations; there are, you know, various sorts of projects at various stages of completion. But in my experience, they're sort of niche-oriented solutions, whereas what VMware and what Microsoft now have with Virtual PC are much more mainstream. VMware, as we've talked about before, it began life over on Linux back in the late ‘90s, I think 1997. It began life over on Linux as a virtual machine technology that would allow Linux users to host Windows applications, that is, you know, so you might need one or two apps running Windows, but you're a Linux guy. So the idea was the very first, the very early VMware was to host Windows on Linux. Well, similarly, the lineage of Microsoft's Virtual PC, they actually bought all this technology in early 2003 from a company called Connectix. Connectix had the same idea that VMware had, but over on the Mac, the idea being that Mac users might need one or two applications running under Windows that, I mean, like, that's just causing them a problem. And so the original Connectix virtual machine technology was Mac hosted, and the so-called “guest OS,” that is, the operating system that was running in the virtual machine, was Windows. And it evolved VMware and the Connectix product, and they called theirs Virtual PC also because that's what it was, it was a virtual PC running in a Mac. They sort of evolved together over the years. And it's interesting, Microsoft's statement at the time they bought Connectix was that they were acquiring the virtual machine technology from Connectix because they wanted to allow their legacy server customers to be able to run Windows NT apps in Server 2003. So of course, you know, Microsoft Server 2003 was the major server evolution, sort of out of Windows XP, and also from Windows 2000 Server, then they went to 2003. Well, in doing so they broke some aspects of compatibility with their even older legacy server platform, which was, of course, Windows NT, NT 4. And so they recognized, well, we need to provide some sort of an operating solution, some sort of a bridge for customers who still have – and there are. There are legacy applications that were originally written tightly to Windows NT, and they won't run in the very recent Windows operating system. |
| Leo: That kind of makes sense. If you're running something like this, you're really down to the hardware. And you probably make a lot of assumptions about what's running. |
| Steve: Right. Well, and remember, I mean, we're talking, you know, NT is a long time back. And it's certainly the case that, you know, for example, customers may have a mission-critical application that, you know, that they've been using for 15 years, and the company that wrote it's gone, I mean, you know, or is no longer moving it forward. Yet, you know, they're locked into this thing. I mean, or it might not even have been a professional, formally published product. It might have been, you know, internal corporate IT that wrote some custom application ware, and it's just much easier for them to, like, not mess with it, you know, not have to move it off of NT because why would they? |
| Steve: So Microsoft needed some sort of a migration strategy. So their reason, their stated reason for purchasing this virtualization technology from Connectix is they wanted to allow NT 4 to run inside a virtual machine on the new Windows Server 2003 in order to provide that sort of bridge. So what's really interesting is that, as Connectix's – I guess that's how you'd say that... [Talking simultaneously] |
| Steve: As their offering evolved, they became very OS neutral. They would – you could run Linux. You could run, you know, like, you know, they supported a wide range of PC-hosted operating systems, essentially all of them, on their platform. Well, as you might imagine, Microsoft's not a big fan of people doing anything other than Windows. So one of the things that happened, and it's funny, as you track the evolution over time, Microsoft got it three years ago and moved it through a couple versions. Well, each one is slower than the previous one. And they're becoming increasingly non-Windows OS friendly. So that today, if you install Virtual PC, you know, it says, okay, what kind of Windows operating system do you want to run in this virtual machine that you're going to create? And then there is sort of a begrudging “Other” line at the bottom. But, well, if you must run something else, you know, we really – oh, and we don't support it, by the way. But we do have this “Other” line that you could use. Now, in fairness, this appears to be nothing really more than marketing because I found a great site, it's VPC.visualwin.com. You ought to pull it up right now, Leo, while we're talking. VPC.visualwin.com. |
| Leo: You're going to wait for me? |
| Steve: It's this amazing effort that a whole bunch of people have gone through to list the compatibility of OSes operating inside of Virtual PC. Look at the list. It's 1,448 entries. |
| Steve: There's stuff there I've never, I mean, most of the stuff there I've never heard of. |
| Steve: Just wacky stuff. I did notice that Astaro, the Astaro security products do run in Microsoft Virtual PCs. |
| Steve: So if somebody wanted to, you know, Astaro of course being one of our hosts... |
| Leo: Sponsors. And one of – and a great many Linuxes. In fact, I would say a lot of these 1,400 are just Linux distros. |
| Steve: Actually, and I think that of course, well, I mean, we know that Windows runs in Microsoft's Virtual PC. They formally support it. But, and so you're right, most of these are Linuxes. But, I mean, look at all the Linuxes. |
| Leo: NetWare and NetBSD, BSD, Plan 9... |
| Steve: Now, it is interesting, too, because if people are interested in Virtual PC for the purpose of running Linux, there are little no's in the columns. I mean, mostly everything is yeses. I would say, like, 95, 96 percent of these 1448 wacky versions of different OSes are yeses. So clearly this shows us that this is a good emulation of a PC that OSes way beyond Windows are still able to run, much as they were before Microsoft acquired it. So Microsoft has apparently done nothing obvious to hurt Virtual PC to make it non-Windows friendly. However, you know, they are just not formally supporting it. |
| Steve: So, but my point is that, if you – you might look at this list, this VPC.visualwin.com list, if you were interested in making sure that a specific OS that you wanted to host worked. Now, all that said, I don't think Virtual PC is probably the right answer. |
| Steve: After all that. I mean, I wanted to cover it. I told people I would take a good look at it and compare it to VMware. Now, it's got some benefits. First of all, it's a much smaller, lighter weight download and installation than VMware. Virtual PC 2004, which is the current edition, is 18 megs. Whereas, for example, VMware – and this is VMware Server, which is their free version. Workstation is still – you have to pay for. But the VMware Server, which is free, as is Virtual PC, is 145 megs. |
| Steve: So it's much bigger. |
| Leo: Wow, that's 10 times bigger. |
| Steve: Well, and I had mentioned also, when we were talking about the VM, the free VMware Player, which is sort of a read-only version of VMware. And I talked about how, you know, it really whacks your system. I mean, it's a substantial thing that you're installing. And, you know, virtual adapters appear in your network list of network adapters, I mean, it really gets into your system and sinks its teeth in. So, and basically the player does that in a read-only fashion. You're essentially installing the whole VMware system, you just don't have the ability to create virtual machines from scratch using that tool. Whereas their VMware Server product does. So back to Microsoft's Virtual PC. The thing that it lacks that is sort of the Achilles heel for many people is that it provides no USB support. And I see people... |
| Leo: Hmm, that is an Achilles heel, yeah. |
| Steve: It really is. People are complaining about that all over the place. I mean, it has a very nice, sort of a simplified user interface. It supports internal networking. You can run multiple virtual machines, and they're able to talk to each other. They can be behind a virtual NAT. It's got virtual DHCP for allowing these machines to acquire their own addresses. Or remember that last, you know, our last Q&A, a listener asked, hey, if I wanted to run a virtual machine server, and I had a server running on my host, the external OS, and both were, like, web servers, who would get the web request? Well, it is possible with all of these products to let the virtual machine have an IP that's public, so different requests could go to the guest OSes running in the containers or to the hosting platform, depending upon what you want. I mean, it's got plenty of features. One thing it does, which is fortunate, is it does support sound. So it will emulate your sound, that is, Microsoft's Virtual PC will emulate your soundcard. But it does not support USB. |
| Leo: That seems such a big deal, frankly. |
| Steve: Well, and what I really, I mean, the feeling that you get as you sort of look at this is that their virtual – they really did get this for the server side. And, for example, the server side does not support sound because the presumption is, well, who needs sound in a server room? You know, you're running servers on big hardware in a datacenter somewhere, you don't need things binking and bonking and, you know, Media Player support and so forth. |
| Steve: So I think they must have – it sort of feels to me like Virtual PC is, well, we want this because maybe we want to compete with VMware over on, you know, on the desktop platform. But you're right, it seems – certainly one has to imagine, if Microsoft is going to move this forward, that USB support will be something they will immediately be adding. |
| Leo: Isn't there some question about whether they're going to move this forward, though? |
| Steve: There really is because they – we do know that what they bought from Connectix of course was originally Mac hosted. And so, you know, you and I have talked about Virtual PC on the Mac. For a long time, over on the G5 side, you know, the non-Intel, the earlier Macs, that was the way of running Windows on one of the Macs. And many people did it. It worked. They installed Windows, and they were okay. Well, Microsoft has said that's the end of the line for that product. Virtual... |
| Leo: Right, they're killing that one. Yeah. |
| Steve: Well, and Virtual PC will not be ported over to the new Mac Intel Pro Duo platforms, you know, all this new generation of Intel-based Mac. Which to me seems that it's, well, it's sort of like also I think they've abandoned IE on the Mac also, haven't they. |
| Leo: But that made sense because there was an equivalent. I guess it's the same for the Virtual PC. There are better solutions. There's Parallels. There will be VMware. |
| Steve: Well, exactly. And we now know, as you said, that VMware is going to be moving over to the Mac, and that the virtual machines that are created over on the Intel side will be cross-platform compatible, so you'll be able to, you know, install Windows XP in a virtual machine under VMware on top of a regular Intel Windows installation, and then just copy those virtual machine files over to the Mac and open, you know, like open exactly the same instance of Windows over there. So it feels a bit like Microsoft doesn't care that much. Now, the other real problem, aside from no USB support, is it is clearly slower. It used to be much speedier. I see... |
| Leo: That's ironic because the hardware now is supporting it better. |
| Steve: Well, exactly. The hardware provides, as we've talked about, much better virtual machine hardware-level support for doing these things. Microsoft has apparently said that, well, we had to add all of our trustworthy computing platform technology, and that's what slowed it down. That's like, ahhhh, okay. |
| Steve: But I've got to say, I mean, side-by-side comparison, I've been using Virtual PC and VMware Server, that is, the free version of VMware, side by side. It is clearly the case that VMware is faster. There's just, I mean, there's like these long periods of time where nothing seems to be happening. I mean, the installation of XP, which I did just yesterday, was like, okay, what is going on? I mean, and this is on a dual Xeon, seriously strong machine, dual Xeon processor, you know, hyperthreaded, 2 gigs of RAM. It's like, whoa, I don't know where it went. But it was really, really slow. So, however, VMware's Server product, the free one, also does not support USB... |
| Steve: ...or sound. Doesn't even have sound. |
| Leo: Well, that would kind of support what you've said, which is this is for a server. And it's... |
| Leo: ...something you don't need. |
| Steve: And just sort of in general. Now, so Microsoft has their virtual server, I think their Virtual Server 2005 is their server sort of profiled VM solution, just as VMware has their VMware Server solution. Neither have USB or sound support. So the desktop solution – and so basically I've come back around to being glad that I originally bought and invested in the VMware Workstation solution because it offers strong USB support and sound. I mean, it's a complete desktop solution, but it's not free. So I guess that I've, you know, Virtual PC is, if someone wants to experiment with virtualization on their machine, it's a smaller download, it does give you sound, does not support USB devices, and it's got a performance problem. It's funny, too, because – it's funny because I'm seeing people talking about using Virtual PC to host Vista. |
| Steve: Now, can you imagine? I mean... |
| Leo: Unless you have a lot of time, not recommended. |
| Steve: I mean, I gave a presentation on Sunday to the North Orange County Computer Club. And the person who was presenting before me was showing, sort of giving the club a first look at Vista and talking about how people are really complaining about what a resource hog Vista is. And in fact Jerry Pournelle's current column talks about this. And it's not even clear that you can run it on a motherboard with integrated graphics. Because, you know, I mean, you need some add-on monster, you know, graphics card with its own fans and... |
| Leo: Well, you could run it. You just couldn't get the Aero Glass interface stuff. |
| Leo: Yeah, you'd have to give up the interface. |
| Steve: I mean, it really is, I guess, very aggressive in terms of the resources it needs. And so, you know, the notion of running it inside of Virtual PC, or even Windows XP itself is like, oh, is just dragging along. It's like, okay. Well, I mean, for one thing, I don't think that would be a fair – it would not be, would not give you a fair sense for what Vista was, running inside Virtual PC, because the container itself is much slower than the machine on which you're running it natively. |
| Steve: So, you know, so I wouldn't – I would not recommend using Virtual PC to host, you know, a test install of Vista or, you know, you'll be doing it for a week just to get Vista booted. |
| Leo: You'll say this is slow, this operating system's too slow to use. |
| Steve: So I really, I mean, Virtual PC is free. You get what you pay for. You get sound but no USB support. It's a smaller download. It, I mean, it's got a simple, nice, sort of comfortable user interface. But, you know, and maybe, for example, for just browsing the web, certainly a web browser is not going to be, you know, super resource intensive. On the other hand, we've got Sandboxie, which we talked about a couple episodes ago, which is an extremely nice, zero overhead containment for IE, Netscape, Mozilla, Opera, you know, any of the mainstream browsers. It runs on all of them. And so it's a perfect solution if you just want to do, you know, safe Internet surfing. |
| Leo: So really its only real advantage is it's free. |
| Steve: Yes. I would say certainly one of the applications people have for virtual machine technology is messing around with other OSes. For example, I mean, Windows users, I mean, everything we're talking about here is Windows hosted, so Windows users who want to experiment with Linux, who want to experiment with FreeBSD, you know, who don't want to commit the hardware or dual boot or anything, but they're just sort of curious. Now, there's a perfect solution because in those, you know, where you're wanting to mess around with one of those OSes, oh, you could argue that USB and sound support are less important. And certainly VMware formally supports the installation of Linuxes; whereas Virtual PC is arguably, you know, non-Windows hostile. So I think that makes more sense over on that side. So overall I would... |
| Leo: Non-Windows hostile. |
| Steve: Yeah. I would have to say that overall, you know, I looked at Microsoft's Virtual PC offerings. And I have to say, Leo, when I started off, I was already, you know, knowing I was going to be talking about this, I could hear myself saying, well, you know, Linux – I mean, you know, Linux. You know, Leo... |
| Leo: You can call me Linux if you want. |
| Steve: I'm just going to call you Linux now. You know, Leo, I was sort of rehearsing saying, you know, everyone knows I'm no apologist for Microsoft, and I'm, you know, I take them to task when I feel that's what they need. But this Virtual PC is smaller, lighter, you know, just seems really nice. |
Mercedes Wis 2006 Virtual Pc Machine Complete Set
| Leo: You didn't have to rehearse that, actually. |
| Steve: No, I didn't. Because, you know, when I actually tried to use it and install XP, and it's like, oh, my God... |
| Leo: I think it's just [indiscernible]. Really I think you hit the nail on the head. It's an old technology that they bought and really haven't kept up to date. That's all. |
| Steve: And it doesn't have their real focus. |
| Steve: And it's free. You know how, you know, it's not like Microsoft is big on giving things away for free. And so... |
| Leo: There's a reason they're giving it away. |
| Steve: Exactly. And so you have to wonder if it's like, well, you know, they really have this for server virtualization. That's where their focus is. Or, as the guy – the Microsoft person originally said three years ago, we just got this because we wanted old NT stuff to be able to run on our latest platforms. |
| Steve: You know, that said, VMware has the free player, it's got all those appliances... |
| Leo: It's really worth spending the money. It's not that expensive; and, boy, you get so much benefit. |
| Steve: Well, and certainly you can – in fact I'm sure the workstation has a free evaluation version that would allow you to play with the fully enhanced version, USB support, sound support, you know, explicit support for Linuxes and non-Windows OSes. |
| Leo: Oh, yeah. You can totally get a free serial number and try it out. Absolutely, yeah. |
| Steve: Yup. And they'll be moving it over to the Mac, also. So you've got that cross-platform transportability. Overall, you know, I wanted to pursue, you know, what's Microsoft got up their sleeve. I'm back and happy with VMware, and everyone now knows why. |
| Leo: You know, it was great that you mentioned that VMware will run Astaro because, as you said, Astaro has been our sponsor for some time. And it just shows you, it's really – it's open source software based on Linux. And that's one of the reasons we like Astaro so much. Astaro makes the Astaro Security Gateway line of network security appliances, offering complete protection from network, web, and email security threats. I have one, and I love it, the 120. Visit them on the web at Astaro.com. But I also want to remember – remind, you know, rather, that for those of you listening to us, Astaro is offering a free demo unit to test to protect their network. So call 877-427-8276, say you heard it on Security Now!, and you can have a free unit to test. 877-427-8276, or visit Astaro.com. It's a demo unit, of course. Eventually you'll have to give it back. But it's a great way to find out what Astaro's Security Gateway can do for you. They'll ship it to your office or your business in a single business day. Call 877-427-8476 and remember to mention Security Now!. So you decided that really the best thing to do is stick with VMware. Have you been using Parallels at all on your Mac? |
| Steve: I have not. I haven't actually... |
| Leo: I would love to get your impression of that. |
| Steve: Yup, and I do have it. I upgraded it recently. And so I do intend to. At this point, is the beta for the support for the next generation of virtual machine... |
| Leo: I think it's still in beta. I don't think they've released it. |
| Leo: At least as we're recording I don't think they've released it yet. |
| Leo: They're still in the “release candidate” stage. But it's pretty amazing. It's pretty impressive. |
| Steve: Well, it'll be interesting to see whether the Mac version of VMware is for pay or is free. |
| Leo: Yeah. No, I don't think they'll give that away. You think they will? They might? |
| Leo: Wow, that would be very aggressive. |
| Steve: Yeah. And I think you're right. I think it seems unlikely that they would because I would imagine that they are taking it seriously. They really want to be VMware on the Mac, not just sort of something they happened to have lying around. |
| Steve: Certainly it's an investment for them to do this. And I imagine they'll go the full support route with all the features of the system, much as they have for their Workstation product. |
| Leo: Well, and I think that they saw Parallels marching into their territory and said, no, wait, we do that. |
| Leo: And I think they think they can do a better job. And you know, I wouldn't be surprised. I certainly will look at it, and I know you will. And even though this is our last of our series on virtualization, I have a feeling we might revisit it when VMware for the Mac comes out. |
| Leo: I'd love for you to do a virtualization on the Mac show. You've got a Power – the new MacBook. |
| Steve: Yeah, I have no excuse. I have no excuse not to. |
| Leo: No excuse whatsoever not to. I hear you got some pretty neat SpinRite mail the other day. I wanted to ask you about that. |
| Steve: Well, yeah. In fact, I mentioned it last week. I couldn't find this letter. But the thing that made me think of it was that it was a Security Now! listener, well, he writes – the topic was “Another Save by SpinRite!” |
| Leo: We love those letters. |
Mercedes Wis 2006 Virtual Pc Machine Completed
| Steve: And actually, Leo, I have to say, I don't know what's going on, but maybe hard disks are having more trouble in the last month. But I've been getting a lot of mail from people who are finding real success with SpinRite. And he says: Dear Steve. Please add my name to your long list of happy customers. My laptop, which I need tomorrow to teach my anatomy and physiology class, would not boot up properly. It took 20 minutes to get to my desktop, and everything I tried to do had three- or four-minute delay. The computer was unusable. I called Dell, and the tech walked me through the Dell diagnostics. The hardware all passed, including the hard drive. I was unable to use System Restore. It crashed. The next step was to reinstall XP, and of course all my programs. Fortunately, my data was backed up mostly. Still, I had hours and hours of drudgery before me. Before taking that drastic measure, I thought I might try the SpinRite utility. To be honest, I bought SpinRite as a way to thank you for your outstanding Security Now! podcast, which has brought me so much enjoyment. I was afraid it would require more expertise than I had to run it. But the program is very well designed – I'm not making this up, Leo – the program is very well designed to guide the user through the necessary options. I booted up from the SpinRite CD and went to the Recovery Choice No. 2. Then I left it alone. I came back later and saw one of the sectors was bad. SpinRite chewed on it for a bit and then was finished. I booted up without the CD, and Windows ran Checkdisk, and up came my log-in. |
| Steve: My laptop is now working perfectly. |
| Leo: Oh, that's a nice feeling. |
| Steve: He says: When I took math in college, I learned that some theorem proofs are so beautiful, they are called “elegant.” Well, SpinRite is an elegant utility. |
| Steve: He says: It sure saved me tonight. Thank you so much for Security Now!, and thanks for SpinRite. No one who owns a computer should be without it. Sincerely, Russ Palmeri. |
| Steve: And I wrote back to Russ. I said, would you mind if I use your name? He says, I would be proud to have my name associated with SpinRite. So... |
| Leo: Oh, that's nice. Well, thank you, Russ. I think that's wonderful. I mean, it's kind of a neat story because he bought it just to support you, but ended up using it. You don't require that, by the way. |
| Steve: No. No no no. In fact... |
| Leo: Only buy it if you need it. |
| Steve: And in fact the whole goal here of mentioning SpinRite in the podcast, I just – I want to plant the seed in people's minds that, you know, when something happens, you know, consider SpinRite. Think about it. Because... |
| Steve: ...you know, when you need it, it's there. I got another letter from someone who said that they had a Maxtor that had a problem. They ran Maxtor's own diagnostics that said, this is dead, return it to the factory. But they had so much stuff on the drive not backed up that they said, uh, grabbed a copy of SpinRite, it fixed the drive. |
Mercedes Wis 2006 Virtual Pc Machine Complete Kit
| Leo: Wow, that's pretty – we should probably say that, if the drive is physically damaged, nothing's going to fix it. |
Mercedes Wis 2006 Virtual Pc Machine Complete Edition
| Leo: But if the drive can be recovered, SpinRite can do it. |
| Steve: I think that's exactly the case. If anything can recover the data from the drive, SpinRite is the thing that can. |
| Leo: SpinRite.info for more of those testimonials. And of course GRC.com is Steve's site, if you want to get the show notes, the 16KB version of this show for the download impaired. He also offers transcripts thanks to Elaine – a tip of the hat to Elaine – and a great discussion board where you can talk about security matters. Not to mention a host of free security software. GRC.com. As long as you're headed to the web, I encourage you to visit TWiT.tv. In fact, go to our new Dell Picks page, TWiT.tv/dell. We thank again Dell for being a great sponsor on the show and supporting us. We have some picks that I've picked out. I mention the 24-inch monitor because I know that, Steve, you love that monitor. But there's some great machines, as well. And a laptop, a very slick-looking laptop, the XPS 1710. And then for more practical people, the Dell XPS 410 computer, which can go from the Pentium D all the way up to a Core 2 Duo, so you get your choice of hardware. It's state-of-the-art technologies at a very affordable price. As usual, Dell makes the best stuff. Dell is online at our site. In fact, we'd appreciate it if you'd show your support for TWiT by using that site when you go to Dell. Just go to TWiT.tv/dell and click the links there. Thanks for their support. I think – are we done with virtualization? Have we covered this in every possible aspect? |
| Steve: For now. I think we've... |
| Steve: For now. We, you know, we have a great foundation now. Listeners who have been following along since we opened the topic, you know, understand where the state of the art is today. Certainly, as sandboxing technology evolves, as, for example, as VMware moves to the Mac, I imagine we'll come back and touch on it many times in the future because it's a very potent security and privacy application. Remember, too, that not just for security, but there is a great concern that web browsing leaves traces, leaves footprints... |
Mercedes Wis 2006 Virtual Pc Machine Complete Set
| Steve: ...yes, on your machine. So Sandboxie, again, is a beautiful, lightweight solution. If you needed to do some use of somebody else's, like use of the Internet on somebody else's machine that you didn't control, you really wanted to make sure you left no trace behind, you could quickly install Sandboxie on their machine. It is a lightweight, small installation. Then use the browser sandboxed, knowing that no changes to the registry, to the hard drive, or anywhere in their system will be permanent after you close that down. |
Mercedes Wis 2006 Virtual Pc Machine Completely
| Steve: So, great solutions. You know, we'll certainly have virtual machine technology always sort of flying around here and touch on it when something happens. |
| Leo: Very good. I do thank you for all the work that you do, Steve, for us, and invite everybody to go to GRC.com and SpinRite.info to find out more. And join us next week as we talk more about security. Do you know yet what we're going to talk about, or is it... |
| Steve: It's going to be a surprise for everyone. |
| Leo: A surprise for us all. Get to work, Steve, and come up with a topic. We'll see you next Thursday and every Thursday. We're so glad you've joined us on Security Now!. |
Copyright (c) 2006 by Steve Gibson and Leo Laporte. SOME RIGHTS RESERVED
This work is licensed for the good of the Internet Community under the
Creative Commons License v2.5. See the following Web page for details:
http://creativecommons.org/licenses/by-nc-sa/2.5/ |
|
Gibson Research Corporation is owned and operated by Steve Gibson. The contents
of this page are Copyright (c) 2020 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy. |
| Last Edit: Mar 28, 2008 at 07:31 (4,848.84 days ago) | Viewed 2 times per day |