application security using a copy-on-write virtual machine

An architecture is possible that uses a lightweight VM for use as an application sandbox. Instead of the duplication of an OS plus a run-time environment, this virtual machine uses the host environment as a read-only resource. This allows the VM to serve as a Sandbox that allows reads and writes to the file system, but only the VM address space is modified. Since the host OS environment is supplying a-prior values, the total VM footprint is minimal. This architecture is able to serve as a base for secure application solutions.

In practice an application is installed into a host OS and via installation and use it creates a cache mirror of changed OS data and resources that it would normally have modified in the traditional installation. This application and the ‘cache’ is then versioned and mirrored. If the application is compromised it is deleted or the cache is rolled back to the period before the compromise.

There are many types of virtual machines. Two examples are the system VM types such as VMWare or Oracle VirtualBox, another is the focused process VM such as the Java Virtual Machine, Dalvik VM, or the Common Language Runtime. The former are complex and since they must “dupe” an OS are large and complex. The latter application level VMs are smaller and optimized for a single runtime environment. Each of these have corresponding security issues.

A virtual machine is usually a sandbox in implementation and provides a level of security. However, the cost is that it must duplicate OS resources. In contrast the sandboxed process VM type being discussed here depends on a real OS host and does as little duplication of the environment as possible. It is not generic, but integral to a specific application program or system.

Though this may possibly help in making an application survive destruction by protecting the storage address space, there is still the issue of active infiltration and use of system resources such as networks accessible to the application. Perhaps this type of VM will make conventional security practices and tools more useful?

Summary
Just an idea off the top of my head. Haven’t looked to see if is unique or even remotely makes sense.

Updates
June 12, 2013: “Security Anti-Pattern – Mobile Hypervisors (for user facing VM’s)
August 31, 2013: Was just reading about Docker which uses the LXC (LinuX Containers). Maybe that is what I had in mind.

Further reading

  1. Android Application Sandbox
  2. Virtual Machine
  3. Sandbox
  4. Pushing The Limits of Web Browsers … or Why Speed Matters
  5. Sandboxing Java Code
  6. Security Anti-Pattern – Mobile Hypervisors (for user facing VM’s)

Download app, give away your body, mind and soul?

I was looking to download one of those flashlight apps for an Android phone. But, then was assaulted by the list of permissions it wanted to have.

I was looking to download one of those flashlight apps for an Android phone. I have one on the iPhone.

Found some free ones. So, I hit the download or install button and then looked at the permissions that this app requires or is given. What! It wants to read my phone number, look in my contacts list, make internet connections, look at my school records, review my medical charts, do a rectal exam, interview my neighbors, cop a feel, practice root canal, withdraw from my meager savings, take out a second mortgage, and also, but not the last, peer into my soul and decide if I deserve Moksha or must burn for eternity in some exoteric religious hell.

Ah, no thanks. I’ll just go buy another real flashlight.

The Android market as a whole needs to address this. Or don’t. Just do what Microsoft, Apple, and every other company does, don’t talk about it; don’t even mention permissions. Shhhhh. All apps are dangerous. Secret, its between you and me.

What you expect the User to install VPN, Firewalls, Antivirus, Virtual Machines, etc. Ain’t gonna happen. Besides, security and privacy are partially a human behavior and marketing issue. Lack of privacy is profiting someone somewhere.

Updates
Funny I wrote this and later read about what Google is doing to combat malware. Synchronicity perhaps.

2012-Mar-9: My Samsung Note phablet came with a paltry set of ringtones, unlike the iPhone. Went to Android Market for some. Yup, a ringtone app wants access to everything! Just while viewing the reviews on one of the free ones, I felt a tug on my wallet. What gives? Its a ringtone, sounds, you need to access my contacts, phone, yada, yada, yada…….

2015-6-1: 10 best Android flashlight apps with no extra permissions

Further reading


Tony Bennett – Body and Soul


Coleman Hawkins – Body & Soul


Bill Evans trio + Toots Thielemans – Body & Soul