Hypervisor comparison
Message
From: 09/02/2016 14:21:32
To: 09/02/2016 08:33:07
General information
Forum: VM environment
Category: VM host, Miscellaneous
Thread ID: 01631034
Message ID: 01631137
Views: 52
>>- Phoning home: Hyper-V is designed to scale up to data center/cloud levels. Those operators do not appreciate software phoning home and have the skills to prevent that. Even if MS's EULAs allow Hyper-V to phone home I'd be surprised if it does in practice
>
>We recently had a security audit and no problems. But as we sling personal data required to be protected by law over here (the same laws that torpedoed safe harbour, but not only on a personal level, so the requirements are a notch higher) my main worry is that another audit might tut-tut on using Hyper-V as it might contain a backdoor for NSA, having no written guarantee not to phone home and we did not have the knowledge to erect an outbound firewall blocking all of MS tries...

I understand data protection laws are more stringent in Europe (and Germany in particular IIRC). So that makes your lives more difficult.

"written guarantee not to phone home" - I don't know of any product which gives you that. Linux offers no guarantees whatsoever for any reason or purpose. I'm pretty sure the BSDs (even OpenBSD) don't give you that either. And that's just where source can be examined. Hyper-V and VMware products could have something latent; as end users we can't prove a negative (that the products don't contain phone-home/backdoor code). About all we can do is "trust" that those are not in place, the idea being that if something is ever found, no one will trust those products again.

Security audits can tut-tut, but in practice, what can users or sysadmins do? Stop using Hyper-V or VMware because the code can't be audited? If so, switch to open source - but in that case, who has the skills to audit all that code? You end up having to trust someone - or not use virtualization at all. Running on bare-metal servers has its own problems.

It's not just hypervisors. Antivirus products run with deep system privileges and can do anything they want. I don't know of any open-source real-time product; ClamAV is open-source but isn't real-time, so if you want real-time protection you're using closed source. It may not apply in your case, because many locked-down environments don't run any AV at all, but many organizations and users are running closed-source AV that has full system privileges and is known (and allowed) to frequently phone home using encrypted communications.

Juniper switchgear with backdoors, Snowden talking about Cisco gear being intercepted and tampered with while being shipped from Cisco to customers, the list is endless...
Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up