"x86 virtualization is about basically placing another nearly full kernel, full of new bugs, on top of a nasty x86 architecture which barely has correct page protection. Then running your operating system on the other side of this brand new pile of shit.
You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes."
Theo using lots of clever words to call someone stupid isn't a refutation of this. Even if both layers have holes, the fact that there's more than one layer does, in fact, suggest the composition is more secure.
Security guys have been going on about "defense-in-depth" for decades, and it all still looks like a trash fire to me.
From a systems perspective, you don't make things more robust by adding more layers that can break. You do it by simplifying it down to something manageable, then managing it.
You call it a security layer. I call it an extra attack surface.
I'd say she is well aware of the limitations of her product.
Even back in the 70s, guys like Minsky and Kay knew that bending the man to accommodate the machine was not the way to go about it. x86 is even worse than that because we're bending the man to a half-baked machine that is the result of a collection of historical missteps committed by guys who were geniuses at chemistry and physics, but amateurs at computing.
Then to add insult to injury, in the early days of the PC, IBM drug their feet and tried to hobble the thing enough so that it wouldn't eat into their mainframe sales. I believe that was part of why Microsoft parted ways with them.
In light of current circumstances, Rutkowska has developed a solution that's arguably more than just "reasonably" secure.