There isn’t a whole lot (aside from it being slightly more expensive than just passing things through to hardware as fast as possible) keeping a hypervisor from doing whatever amuses it with a VM. It has full visibility of RAM and typically of mass storage and peripherals as well (physical peripherals attached to the VM’s PCIe root may be an exception depending on implementation).
However, aside from the “can’t really worry about everything here…” aspect, in the VPN case it’s less dramatic because the VPN is, by design, a man in the middle on all the network traffic; a position where you don’t actually need to tamper with the VPN endpoint to obtain a very privileged position.
The point of VPNs (when used as a privacy/security measure; rather than just because a VPN over public internet is crazy cheap compared to a dedicated hard line between most points A and B) is just that you get to choose your man in the middle; and that web connectivity situations are dire enough that there are choices that are sensible in context.
Even in the onion routing case, which sacrifices much to obfuscate the link between the origin and the exit of traffic, the exit node still gets to be man in the middle; just hopefully one who isn’t quite sure where one of the ends is.
The vulnerabilities have been in the wild now for over a year but as far as I know there are still no known exploits and while it’s obviously worth being concerned over I really don’t think we have to sling out all our devices just yet. Not least because fixing these flaws might not even be possible anyway.
Way above my pay grade! I don’t even think there are any CPU architectures even planned that know how to mitigate this, unless someone wants to correct me.
Shit, you guys are really depressing. As an almost completely tech-ignorant neanderthal, I count on you to keep me safe. I guess the answer is there is no safe. Sigh.
Dust off old computers with chips designed before they started making them that way. Wait for new (as-yet-undesigned?) systems with new chips that are designed without those features/vulnerabilities. And all the usual things to generally try to avoid running untrusted code.
One thought I’ve had is that in the old days, PCs were one user, one program at a time (possibly plus TSRs). Part of the threat from these new vulnerabilities is due to the modern multi-user multi-program paradigm where most systems have hundreds of processes running, programs have tons of dependencies, and the user doesn’t even know what most of them are. While it wouldn’t solve the problem, it would be a little safer to create some sort of minimalist system/configuration to avoid having other programs running when doing anything sensitive or with sensitive data. Of course, that’d be a PITA.