1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Secure Operating System Released - Alpha Stage Open Source Development

Discussion in 'Tech-Related News' started by lotuseclat79, Apr 9, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    I've downloaded the PDF technical architecture document, and I must say it is quite exciting to see this on the horizon - a more stable release is expected at the end of this year.

    The reason to be excited is that one of the foremost security researchers in the world is behind the development - Joanna Rutkowska and her Invisible Things Lab collaborator Rafal Wojtczuk! Another reason to be excited is that Johanna has already boot-strapped this new technology to her laptop and continues to develop the system on a daily basis - any competent and successful vendor does the same with their systems under development, i.e. uses them on a daily basis for normal business operations.

    They describe the motivation behind their development in a very clear convincing way.

    Architecture. This web page contains a download link to the pre-release architecture specification.

    Key architecture features:

    1. Based on a secure bare-metal hypervisor (Xen)
    2. Networking code sand-boxed in an unprivileged VM (using IOMMU/VT-d)
    3. No networking code in the privileged domain (dom0)
    4. All user applications run in “AppVMs”, lightweight VMs based on Linux
    5. Centralized updates of all AppVMs based on the same template
    6. Qubes GUI virtualization presents applications like if they were running locally
    7. Qubes GUI provides isolation between apps sharing the same desktop
    8. Storage drivers and backends sand-boxed in an unprivileged virtual machine(*)
    9. Secure system boot based on Intel TXT(*)
    (*) Indicates feature that is planned for future releases, currently not implemented.

    They nailed the current technology shortcomings: over-complexity of the OS API, insecure GUI design, and a monolithic kernel architecture. This coupled with the fact that vendors take a reactive approach to security that does not scale well is an insecure approach to providing security in their opinion.

    I urge all of you to keep abreast of this development as it is open source and based on re-usable components that provide isolation capability like the Xen hypervisor, and technology like Intel VT-d and Trusted Execution Technology.

    Does your computer support these technologies - make plans for it! This architecture may look familiar to many of you, but clearly does not exist with any of today's available technology.

    -- Tom
     
  2. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    Just in case any of you are wondering whether there are any other efforts out there for a Secure Operating System, here is one such example to keep track of for comparison purposes:

    Battling Botnets With An Awesome OS.

    Despite security software, patches and updates, your computer remains threatened by attack and takeover from hackers and cyber-criminals who will turn your PC into their networked robot -- or "bot" -- creating mischief to mayhem by everything from spreading spam to looting bank accounts.

    Note: Both approaches are similar in that they are "virtual machine" approaches, however, Qubesos provides the framework to run other VMs, while Ethos it seems will run on a "virtual machine" computer to separate the applications.

    The goal of the Ethos project is "to learn what a security OS looks like" while the Qubesos project seems to have already figured that out. What is needed is a proof-of-concept and IMHO Qubesos will accomplish that toward the end of this year with a more stable release than the current alpha.

    -- Tom
     
  3. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,148
    Thanks for the info! Qubes looks interesting, indeed! (y)

    Peace...
     
  4. Nebastion

    Nebastion

    Joined:
    Apr 23, 2009
    Messages:
    548
    Yeah, after trying many distros' they all have their flaws, could this be a publicly Universal, user friendly, close to flawless OS? ......
    I doubt it, but security is a Massive issue, the internet is NOT a safe place.
    Wait until the 16th see what they say about it at the Campus.

    Thanks!
     
  5. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,148
    Have you tried OpenBSD? From a security standpoint, it's supposed to be very secure.

    If I have the disk space, I'll install OpenBSD in a VirtualBox environment and check it out. :)

    Peace...
     
  6. Nebastion

    Nebastion

    Joined:
    Apr 23, 2009
    Messages:
    548
    No iv never heard of it. Its Linuxed Based??

    Sorry now i dont want to change this thread into a a different topic but how hard is it to set up a VM or Virtual box environment?

    I have sandboxie on my Laptop but my Desktop is Vista 64Bit, and sadly Sandoxie dont swing that way.
    I usually use Ubuntu for Browsing but sometimes im in windows (LIKE NOW!!) and i brows away + some people dont know how to use Ubuntu in the house......

    Could you point me in the right direction as regards as a Virtual Box please?


    All the Best

    Neb
     
  7. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,148
    Nope. OpenBSD is an open source distribution of BSD Unix. The main focus of OpenBSD is security so it's "hardened" by default, I believe. NetBSD and FreeBSD are other freely available BSD distributions out there.

    It's easy. :)

    You can read all about VirtualBox here. VMWare could also work, if you want to check that out too.

    On my Ubuntu Linux system, I've got ChromeOS, OpenSolaris, Windows 2000, and Kubuntu 9.10 installed in virtual environments and they all run fine, even on my dated AMD Athlon64 3200+ @ 2GHz CPU w/ 1.5GB of RAM. :)

    Peace...
     
  8. Mumbodog

    Mumbodog

    Joined:
    Oct 3, 2007
    Messages:
    7,889
  9. Nebastion

    Nebastion

    Joined:
    Apr 23, 2009
    Messages:
    548
    Thanks [​IMG] tomdkat ill check that out... that would be Great if i could run XP under Ubuntu, I wonder how well Games would Run?

    Ill give it a go. might treat myself to a new Hardrive. Yeay.





    As For the Axe Murderer Rafal Wojtczuk, (if that is your Real Name) ill look forward to seeing the outcome.

    [​IMG]


    Neb
     
  10. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
  11. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
  12. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,148
    Of course, there's Chromuim OS too. :)

    Peace...
     
  13. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    If one wants to trust Google!

    -- Tom
     
  14. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,148
    Regardless, it's a secure open source OS that looks promising in the approach they're taking. :)

    Peace...
     
  15. Mumbodog

    Mumbodog

    Joined:
    Oct 3, 2007
    Messages:
    7,889
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/915869

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice