June 22, 2012
Wired Enterprise 6/20/12 -
Google’s Chrome browser was built to keep every webpage you visit from attacking everything else on your machine. Each browser tab sits in its own security “sandbox,” isolated not only from other applications and your machine’s core operating system, but from every other browser tab. Google has even built a tool that seeks to protect your machine when your browser runs “native code” — code that talks directly to your hardware.
But Simon Crosby says all this Google security is flawed. He says Google’s sandbox is inadequate simply because it’s software written by mere mortals, and he calls Google Native Client “nonsense.”
“These methods fail because they require humans to write code, and wherever you have code, you have vulnerabilities,” he says. “[Chrome's sandbox] is a massively broad interface. It’s no surprise that Chrome still has zero-day vulnerabilities.”
This is just how he talks. Simon Crosby is known for his, shall we say, incisive opinions on the giants of the tech world. But he’s also known for creating the Xen hypervisor — the open source software that helps run virtual machines across Amazon’s massively popular cloud service and so many other online operations — and there’s usually a purpose to his frank criticism. In flaming Google, his aim is to show that he and his new company, Bromium, have built a security tool that succeeds where the search giant ostensibly fails.
Yes, Bromium’s new tool involves virtualization — the art of creating software that’s separated from the software and hardware running beneath it. But he says the company has created an entirely new form of virtualization. He calls it micro-virtualization, and the idea is to protect your machine from every malicious piece of code you may click on, including rogue web addresses, email attachments, and other files.
Humans, he says, will always click on malware. We’re just gullible that way. But Bromium uses tools built into Intel’s existing microprocessors to isolate rogue code from the rest of your machine. “This is a complete paradigm shift, and it will invert your brain,” Crosby says. “We call it virtualization … but to understand it, you need to forget everything you know about virtualization.”
Tapping into microprocessor hardware originally designed to facilitate the use of virtualization, the tool extends the idea of Google’s sandbox to all other applications on your machine, and according to Crosby, it’s less vulnerable to attack because the code used to build it is minuscule compared to the code behind software such as Google’s sandbox. Most of the work, he says, is done with hardware. “We use hardware virtualization to isolate between different boundaries of trust. It’s a hardware backstop for whenever we cross one of those boundaries.”
Asked to comment on Crosby’s comparison between Bromium and Google Chrome’s security, Google told us it didn’t have enough information on Bromium to adequately respond. But it did defend its security record as “strong.”
Revealed today at a conference in San Francisco, Crosby’s micro-virtualization technology is still in the “beta” test phase. It has no price tag at the moment, and Crosby himself admits there are parts of this creation that still need honing. But he’s adamant the tool will revolutionize computer security within the world’s businesses.
Judging from Crosby’s description of the tool, security researcher Joanna Rutkowska questions whether it’s as useful as Crosby says it is. But at first blush, she does see this as an extension of the trend towards security that provides better isolation between disparate applications running on the same machine. This includes not only Google’s Chrome sandbox but the “Protected Mode” Microsoft now offers with its Internet Explorer browser and the various sandboxes Google has helped build for plugins such as Adobe Flash.
“It seems like Bromium avoided addressing any of the hard problems of the desktop computing, focusing instead on the most basic form of application isolation,” says Rutkowska. “[But] this…should not be automatically interpreted as a useless solution. Providing even basic isolation between applications is always a good thing. After all, until recently, most desktop OSes, such as Windows or Mac, practically didn’t use any form of isolation between apps.”
It should be noted, however, that Rutkowska is also using the virtualization tools built into microprocessors to build a security system that seeks to go well beyond Bromium’s technology.
But Crosby argues his tool is superior because it can be readily installed on existing operating systems and is far easier to use. Your OS continues to work as it always did, and you can take your machine onto any network — at least in theory.
“You can’t just build a big wall around everything. A [business] that is completely locked down is not productive,” he says. “Humans inherently like to go out into the world to be productive, whether it’s hunting and gathering or going to Starbucks with a business colleague to discuss a deal, browsing the web and opening an attachment.”