5 Replies Latest reply on Mar 31, 2015 3:12 AM by UlyssesOfEpirus

    Can host hacker break into guest that uses full disk encryption?

    UlyssesOfEpirus Hot Shot

      I know it is unlikely but let us say host has got owned, ie a hacker has managed to break into the host.

       

      How would they go about breaking into a linux VM that uses full disk encryption?

       

      They can't mess with the .vmdk without damaging it - it is encrypted by the guest.

       

      They can't use vmrun because they do not know the guest passwords.

       

      They can't attach to processes in the guest with debugging tools because they cannot see individual guest processes.

       

      What can they do?  And crucially, what can I do as a countermeasure?