Where's my VMSafe for VMSafe?

VMWare continues to tease with VMSafe prototypes; while Reuven Cohen points out that vsphere isn't cloud computing (argue amongst yourselves about terms like "private cloud"), I like the idea of the ability to use the hypervisor to inspect the security state of the guest machines, but where's my API to confirm that the hypervisor is in a secure state?

VMsafe enables partners to build security solutions in the form of a virtual machine that can access, correlate and modify data to help control and protect: * Memory and CPU. VMsafe provides introspection of virtual machine memory pages and CPU states. * Networking. VMsafe enables filtering of network packets inside hypervisors,,as well as within the security virtual machine itself. * Process execution. VMsafe provided in-guest, in-process APIs that enable complete monitoring and control of process execution. * Storage. Guest virtual machine disk files can be mounted, manipulated and modified as they persist on storage devices.

If the API that provides my security tools the ability to look inside guest machines doesn't allow me to confirm that it's executing in a secure state, how can I trust the output from the API. It's the same old problem, if the someone shows up with a blue pill, any reliability assertion I can make from technology above is effectively meaningless. So really at the end of it all, I'm just going to have to make an assumption that the stack is secure driven by how much I trust the provider and the compensating controls on the underlying host (anti-X, ACL's etc...) knowing that there will always be (with current state tech) no way to defend against a nested VM attack were the true hypervisor is malicious. Speculation: Would full hardware virtualization solve this problem? Probably not unless it were completely locked in its behaviour (which would probably make it rather less than useful). I think the only way we're going to solve the nested VM security problem is a process outside of the virtualization stack, with a read-only monitoring port that can make assertions about the integrity of the virtualization stack (but that's just a WAG, I'm clearly no computer scientist). and now for a moment of pointless FUD: Here's a funny thought, if VMSafe allows me to inspect the "memory pages and CPU states" of a guest OS - does that mean I can get access to the encryption keys and other sensitive information inside the guest VMs?