Security Sandboxes and Virtualization

The easiest way to take advantage of the new security sandbox technology is to upgrade your hardware and software. Not everyone can afford to do that. What other options are there if you want a security sandbox? Sandboxing is closely related to virtualization: both confine code inside a boundary it is not supposed to cross. Running your risky tasks inside virtual machines is a good way to get some of the benefits of a sandbox without having to pay a premium for a new machine.

This recommendation comes with two disclaimers. First of all: virtual machines are not perfectly isolated (guest-to-host escapes through the hypervisor or its emulated devices have been found and fixed in the past), so if you decide to use them, you will still need to be vigilant and keep the hypervisor patched. Second: as Joanna Rutkowska has rightly pointed out in her blog, hosted (type 2) hypervisors like VMware Workstation are only as secure as the underlying host operating system; whoever owns the host owns every guest. A more secure solution would be to use a bare-metal (type 1) hypervisor, like VMware ESX, that is installed directly onto the hardware, so there is no general-purpose host OS underneath it to attack.

My next PC will be a macho laptop (lots of RAM, CPU, and disk), with a bare-metal hypervisor like VMware ESX.  (When Qubes OS supports Windows guest OSes, that would be a great choice too!)  Then, I will install Windows or Linux as a guest operating system, and use that for my regular computing needs.  Swa Frantzen from the Internet Storm Center suggested this:

That said, I think there’s an easier future for sophisticated users in running a number of virtual machines for their needs (e.g. one VM for online banking and nothing else, one for data storage and nothing else (using virtual networking to the other VMs as needed), one for browsing the internet, one for working on private documents, one for working on work-related documents, one to act as a firewall, one to play games on, one to watch ???? on, …). That’s something one can do today already, it’ll work and it’ll have as much hassle as you set for yourself.

Below, I’ve put together some virtualization resources, categorized by operating system.

Microsoft Windows

  • Microsoft Windows 8 plus limiting yourself to buying programs from the Windows Store. Store apps run inside the AppContainer sandbox with only the capabilities they declare (file access, network, camera and so on), unlike classic desktop programs, which run with your full user rights.
  • Microsoft Hyper-V: if you are running the 64-bit edition of Windows 8 Pro or Windows 8 Enterprise on a CPU with SLAT, you can turn on Client Hyper-V. It is a bare-metal (type 1) hypervisor; your Windows install then runs as the management (root) partition on top of it, so it still has a lot of authority over the guests and the second disclaimer above applies in a milder form.
  • VMware Workstation: I use it.  It is awesome.  But, it’s not as secure as Qubes OS.
  • Bromium: I haven’t tried this yet, but it sounds really interesting. If you try Bromium, let me know in the comments how it works for you!
  • Qubes OS: not a hypervisor itself, but a desktop operating system built on the Xen bare-metal hypervisor with significant security enhancements: your work is split across separate VMs (domains), and the network stack runs in its own VM, so a compromised browser does not get the rest of your system.  Qubes looks like the most secure architecture of all.  Here is a great article about Qubes and how it compares to other potential solutions. It looks like the Qubes OS team is adding Windows guest support in the near future.  Once that is accomplished, this will be the most secure alternative of all for running Windows VMs.  Joanna Rutkowska is the force behind this, and she knows what she is talking about.
  • Linux Xen: plain Xen with a Linux dom0 is less secure than Qubes OS (the dom0 is a full Linux install with the whole attack surface that implies), but it already runs Microsoft Windows as an HVM guest.
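The one-VM-per-task layout Swa Frantzen describes above can be wired up on the Client Hyper-V listed here with a handful of cmdlets. The script below is an added example, not code from the original post or from Microsoft; the VM names, the C:\VMs path, the memory and disk sizes, and the choice of a firewall guest on the uplink are all assumptions. It only builds the network topology and the empty VMs; you still install an operating system into each VHD afterwards.

```powershell
# Added example, not code from the original post. Builds a one-VM-per-task
# layout on Client Hyper-V (Windows 8 Pro/Enterprise, 64-bit): an 'Inside'
# private switch that even the host OS cannot see, a firewall VM bridging it
# to the physical network, and single-purpose VMs behind that firewall.
# Names, paths and sizes are assumptions. Run from an elevated PowerShell prompt.
Import-Module Hyper-V

$vhdRoot = 'C:\VMs'                     # assumed location for the virtual disks
New-Item -ItemType Directory -Path $vhdRoot -Force | Out-Null

# The first connected physical NIC becomes the uplink; only the firewall VM will use it.
$uplinkNic = (Get-NetAdapter -Physical | Where-Object Status -eq 'Up' | Select-Object -First 1).Name

# 'Uplink' is an external switch. 'Inside' is a private switch: no host-side
# virtual NIC exists on it, so the only path from the workload VMs to the
# outside world is whatever the firewall VM decides to forward.
New-VMSwitch -Name 'Uplink' -NetAdapterName $uplinkNic -AllowManagementOS $true | Out-Null
New-VMSwitch -Name 'Inside' -SwitchType Private | Out-Null

function New-TaskVM {
    # One VM per task, attached to the private switch unless told otherwise.
    param(
        [Parameter(Mandatory)][string]$Name,
        [int64]$MemoryBytes = 2GB,
        [uint64]$DiskBytes  = 40GB,
        [string]$Switch     = 'Inside'
    )
    $vm = New-VM -Name $Name -MemoryStartupBytes $MemoryBytes `
                 -NewVHDPath (Join-Path $vhdRoot "$Name.vhdx") -NewVHDSizeBytes $DiskBytes `
                 -SwitchName $Switch
    # Keep guest/host channels to a minimum: switch off key-value data exchange
    # between the guest and the root partition.
    Get-VMIntegrationService -VM $vm | Where-Object Name -like 'Key-Value*' | Disable-VMIntegrationService
    return $vm
}

# Firewall VM: first NIC on Uplink, second NIC on Inside. The guest you put in it
# (a pfSense or OpenBSD image, for instance; an assumption) must provide DHCP/NAT
# for the Inside segment, because nothing else can reach it.
$fw = New-TaskVM -Name 'fw' -MemoryBytes 1GB -DiskBytes 8GB -Switch 'Uplink'
Add-VMNetworkAdapter -VM $fw -SwitchName 'Inside'

# Single-purpose workload VMs, all behind the firewall.
$tasks = 'banking', 'browsing', 'work-docs', 'private-docs'
$tasks | ForEach-Object { New-TaskVM -Name $_ | Out-Null }

function Test-TaskVMIsolation {
    # Returns $true only if every workload VM is attached to 'Inside' and nothing else;
    # any adapter on another switch is a hole in the design and is reported as a warning.
    param([string[]]$VMNames)
    $leaks = foreach ($n in $VMNames) {
        Get-VMNetworkAdapter -VMName $n | Where-Object SwitchName -ne 'Inside' |
            ForEach-Object { "$n has an adapter on switch '$($_.SwitchName)'" }
    }
    $leaks | ForEach-Object { Write-Warning $_ }
    return -not $leaks
}

Test-TaskVMIsolation -VMNames $tasks
```

The private switch is what makes this more than a convenience: the management OS has no adapter on it, so a guest that gets owned cannot talk to the host over the network, only to the firewall VM and its neighbours. The isolation check is worth re-running whenever you add a VM, since it is easy to attach a new machine to the wrong switch in the GUI.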

Apple Mac OS X

  • Mac OS X Mountain Lion (10.8) plus limiting yourself to buying programs from the Mac App Store. Since mid-2012 Apple requires App Store apps to adopt App Sandbox, and Gatekeeper (new in 10.8) can be set to refuse anything that did not come from the store or a signed developer.
  • VMware Fusion: VMware’s hosted hypervisor for Mac OS X.  Besides the isolation of a separate VM, it also allows you to run Windows programs.  The author of this article thinks Fusion is the best bet.
  • Parallels Desktop: another hosted hypervisor for the Mac, so the second disclaimer above applies to it as well.
  • VirtualBox: Oracle’s free hosted hypervisor; it also runs on Windows and Linux.

Linux and Unix

  • Solaris Containers (zones): operating-system-level virtualization rather than a hypervisor.  Zones share one kernel, so they isolate processes, file systems and networking cheaply, but a kernel bug reaches every zone at once; expect weaker isolation than a real VM.
  • Qubes OS: see the description under Microsoft Windows above.  Qubes is itself Linux-based, so this is really its home category.
  • Linux Xen: see the note under Microsoft Windows above.

Java

Java’s security sandbox is getting a bad rap.  Java shipped a security sandbox with version 1.0: the bytecode verifier checks each class before it runs, and the SecurityManager decides what untrusted code (an applet, say) may touch, so an applet cannot read your files or open sockets to arbitrary hosts unless policy allows it.  Now, it may not be perfect, and many people are trying to break into Java right now (the browser plugin is the same target on Windows, OS X and Linux, so one Java bug works everywhere), but hey: the developers of Java are really trying, and they have done a lot of things right!  Give James Gosling of Sun Microsystems, the creator of Java, some kudos.  Thank you, James!  You are an incredible rock star!  Java’s sandbox dates back to its first public release in 1995, with Java 1.0 following in January 1996.
