detecting virtualization

Running malware in a virtual machine is common for researchers looking to examine the effects and even reverse engineer the malware. This presentation goes into some of the new techniques associated with malware detecting the use of a virtual machine in order to stop execution and prevent reversing. Of note, if we can have malware execution stopped by virtual machines, could end users be a bit safer by using desktop systems as virtual machines (with a thin client front end)? Or perhaps will malware be able to specifically sniff out and target virtual machines if some vulnerability were found in the, say, virtualized drivers?