From what I've been hearing they seem to already have big customers using it. I wonder if it'll ever be available to individuals and small businesses.
It's pretty cool in that it appears to have some tripwire-esque stuff so that you get useful logs when malware does try to do dodgy things in their sandbox. It sounds like it can alert the user with something like, "your browser might be compromised, start a new session" and everything is captured/saved so that admins can come back later to do forensics with the session that went bad.
I think I've seen this before, in a post somewhere by one of their developers. I think it was about how insecure X11 is, because any X11 app can listen for all keystrokes made by the user. AFAIK people jumped on that post as "it's a known property of X11, stop making drama about it."
While I am all for virtualizing, it doesn't help security. It just moves the exploit from your OS into your hypervisor. Even worse, you add a whole new level of exploitable code.
Of course it improves security. On Qubes, someone who can exploit your browser (pdf reader, word processor) doesn't automatically get free rein on your machine. They still need to escape Xen.
That's nonsense. It doesn't automatically help security.
But compartmentalization does mean that barring a hypervisor exploit, each exploit can potentially be prevented from affecting more than a small part of the system.
I care a whole lot less if Chrome is exploited if it can't access my ssh keys, for example (not that I wouldn't still care, but the potential damage would be limited).
[+] [-] prohor|11 years ago|reply
[+] [-] EvanAnderson|11 years ago|reply
He absolutely tears apart application sandboxes like "Sandboxie".
[+] [-] csirac2|11 years ago|reply
It's pretty cool in that it appears to have some tripwire-esque stuff so that you get useful logs when malware does try to do dodgy things in their sandbox. It sounds like it can alert the user with something like, "your browser might be compromised, start a new session" and everything is captured/saved so that admins can come back later to do forensics with the session that went bad.
[+] [-] j_s|11 years ago|reply
Sandboxie was one of the original Windows application virtualization options 10 years ago.
I was hoping something would become the 'Docker for Windows' but these programs are being snapped up by software security companies.
[+] [-] bespoke_engnr|11 years ago|reply
[+] [-] justincormack|11 years ago|reply
[1] http://www.invisiblethingslab.com/resources/2014/Software_co...
[+] [-] phaer|11 years ago|reply
Out of curiosity: What's the reason for them being proprietary while the rest of the system seems to be free software?
[+] [-] j_s|11 years ago|reply
[+] [-] nnnnni|11 years ago|reply
If there's no performance loss, great.
[+] [-] smurfcity|11 years ago|reply
[+] [-] eeZi|11 years ago|reply
[+] [-] michaelmior|11 years ago|reply
[0] http://sysweb.cs.toronto.edu/vmgl
[+] [-] niutech|11 years ago|reply
[+] [-] anth1y|11 years ago|reply
[+] [-] lawnchair_larry|11 years ago|reply
[+] [-] leonxy|11 years ago|reply
[+] [-] mrottenkolber|11 years ago|reply
[+] [-] spindritf|11 years ago|reply
[+] [-] vidarh|11 years ago|reply
But compartmentalization does mean that barring a hypervisor exploit, each exploit can potentially be prevented from affecting more than a small part of the system.
I care a whole lot less if Chrome is exploited if it can't access my ssh keys, for example (not that I wouldn't still care, but the potential damage would be limited).
[+] [-] timmclean|11 years ago|reply
[1] http://www.invisiblethingslab.com/resources/2014/Software_co...
[+] [-] na85|11 years ago|reply