A new open-source operating system will come with the option of
creating one-time, disposable virtual machines on the fly as a way
to protect against malicious files.
Invisible Things Lab is creating these lightweight, throwaway VMs
that work with traditional virtual machines in Qubes, the
open-source, Xen-based OS it plans to release in beta later this
summer. Qubes was architected to minimize the attack surface in the
VM environment.
Disposable VMs don't provide persistent storage and are launched on
a per-document basis to open a PDF, PowerPoint, or music or video
file, for instance, according to Joanna Rutkowska, founder and CEO
of Invisible Things Lab. They provide a safe sandbox for opening a
file or attachment: If a file opened by a disposable VM is
infected, the only thing it can hurt is the throwaway VM itself,
not any other applications or files.
The disposable VM is clean, and its only purpose is for viewing the
file, for instance; then it gets tossed away. "You still run your
email client in a 'work' AppVM -- which is not disposable [because]
you need to store your email client configuration, archived emails,
your documents, etc. -- but you open attachments in disposable
VMs," Rutkowska says.
Invisible Things Lab also plans to ultimately release a commercial
version of the OS, Qubes Pro, that can run Windows applications
using Windows-based application VMs.
"Our goal with Qubes is to make it usable not only by Linux geeks,
but also by people like lawyers, doctors, businesspeople, and
anybody who is concerned about potential compromise of their data,"
Rutkowska says. Making Qubes easy to use is one of our two main
goals -- the other being exceptional security."
Rutkowska, who announced the disposable VM feature in a blog post
this week, says the temporary VMs run under the Xen hypervisor in
Qubes. Qubes' architecture helps prevent attacks where malware
escapes from a VM and infects other applications or data.