Bromium, the security software company that was started by the techies who brought us the Xen open-source hypervisor out of Cambridge University, has brought vSentry, its first product, to market. But unless you are buying a new PC from a partner who is bundling the vSentry tool on a new machine, you probably won't be able to …
A false sense of security perhaps?
I'm not saying this product is a bad thing, but we should be careful how much we trust it nonetheless.
Most would assume that an OS running in a VM can't attack the host system, and yet there are vulnerabilities (most recently in Xen 4.1.2) that allow this to happen. There's no reason a microvisor won't have the same issues, especially once it's targeted.
As they say, though, there's far less code for them to keep an eye on than in a full Windows install, so it should be easier to find and fix.
"the microvisor and its microVMs know what different programs are supposed to do and what they are not supposed to do"
This pirate be a wee bit on the skeptical side.... especially with land-lubbers blathering on that "Startup Bromium Could End Computer Viruses Forever" (ref).
Methinks this sounds like a hardware-assisted version of ye olde AppArmor me matey. That be nice and all, but until it be out on the seas and at risk of being lost to Davy Jones's locker (read: risk getting owned by real security researchers hammering on it) me and me crew won't blink a good eye about spending our booty on it.
Perhaps the Chinese supply chains should use it
You know, the ones that are allegedly distributing pirated copies of Windows... Aaargh!
Hearing about it here and there, all I can say is that it's an interesting approach to the problem, to say the least. I'll give them points for coming up with something rather novel. And bully them for taking a "whitelist" approach to trust. Starting slow is fine for a whitelist. Just as in real life, trust should be earned the hard way.
But as others have said, this still needs to face the acid test. Two concerns abound. First, there is already VM-aware malware in the wild. They can sniff out virtual machines and either not run or, worse, trigger the second concern. Second, how well-guarded is this MicroVM against a rogue process trying to "redpill" its way out?