SoylentNews is people

posted by janrinok on Tuesday September 27 2016, @12:33PM
from the harder,-stronger,-slower dept.

I just saw this story at Ars Technica where Microsoft has announced that Windows 10 will run its Edge browser in a virtual machine:

ATLANTA—Microsoft has announced that the next major update to Windows 10 will run its Edge browser in a lightweight virtual machine. Running the update in a virtual machine will make exploiting the browser and attacking the operating system or compromising user data more challenging.

Called Windows Defender Application Guard for Microsoft Edge, the new capability builds on the virtual machine-based security that was first introduced last summer in Windows 10. Windows 10's Virtualization Based Security (VBS) uses small virtual machines and the Hyper-V hypervisor to isolate certain critical data and processes from the rest of the system. The most important of these is Credential Guard, which stores network credentials and password hashes in an isolated virtual machine. This isolation prevents the popular MimiKatz tool from harvesting those password hashes. In turn, it also prevents a hacker from breaking into one machine and then using stolen credentials to spread to other machines on the same network.

The Edge browser already creates a secure sandbox for its processes, a technique that tries to limit the damage that can be done when malicious code runs within the browser. The sandbox has limited access to the rest of the system and its data, so successful exploits need to break free from the sandbox's constraints. Often they do this by attacking the operating system itself, using operating system flaws to elevate their privileges.

Credential Guard's virtual machine is very small and lightweight, running only a relatively simple process to manage credentials. Application Guard will go much further by running large parts of the Edge browser within a virtual machine. This virtual machine won't, however, need a full operating system running inside it—just a minimal set of Windows features required to run the browser. Because Application Guard is running in a virtual machine it will have a much higher barrier between it and the host platform. It can't see other processes, it can't access local storage, it can't access any other installed applications, and, critically, it can't attack the kernel of the host system.

[...] This virtualization also likely comes at some performance cost, although Microsoft is not saying just what that performance cost is right now.

[...] Application Guard will become available later this year in Insider builds of Windows, hitting a stable version some time in 2017.


  • (Score: 2, Insightful) by coolgopher on Tuesday September 27 2016, @02:00PM

    by coolgopher (1157) on Tuesday September 27 2016, @02:00PM (#406945)

    ...that downloading and running untrusted code is perhaps not the best approach to security.

  • (Score: 4, Insightful) by Scruffy Beard 2 on Tuesday September 27 2016, @02:09PM

    by Scruffy Beard 2 (6030) on Tuesday September 27 2016, @02:09PM (#406948)

    We are told to get with the times when objecting to client-side scripting.

  • (Score: 4, Insightful) by lgw on Tuesday September 27 2016, @06:19PM

    by lgw (2836) on Tuesday September 27 2016, @06:19PM (#407061)

    So you browse with JS turned off everywhere? I wish that were practical. "Downloading and running untrusted code" is just how the web works these days, sad as that is. So, the more isolation the better.

    • (Score: 4, Informative) by Marand on Wednesday September 28 2016, @05:26AM

      by Marand (1081) on Wednesday September 28 2016, @05:26AM (#407213)

      So you browse with JS turned off everywhere? I wish that were practical. "Downloading and running untrusted code" is just how the web works these days, sad as that is. So, the more isolation the better.

      Close enough. NoScript, blacklist all domains by default. Occasional temporary whitelisting for a site, and a handful of them get permanently whitelisted if I visit often and believe they're trustworthy enough. Despite everyone's claims that the web is horribly broken like this, I've managed just fine. Most sites have sane fallbacks when javascript is disabled, and the ones that don't usually work fine with only the one domain whitelisted (no need for third-party ones). A few need two domains whitelisted: the site and some kind of CDN or other secondary site (like a media-serving domain).

      Sometimes a site will behave so poorly that it won't work like this, but it's rare. Usually the only casualty to my NoScript use is a page's advertisements, boo fucking hoo.

  • (Score: 0) by Anonymous Coward on Tuesday September 27 2016, @08:57PM

    by Anonymous Coward on Tuesday September 27 2016, @08:57PM (#407092)

    Here is the problem.

    1. You want a newspaper web, where you read but hardly interact
    2. People want an interactive web

    Doing POST and GET on an entire page is as interactive as a slide-show. Anyway, some people use part of the Internet services like you propose.

    https://stallman.org/stallman-computing.html

    • (Score: 2) by coolgopher on Wednesday September 28 2016, @02:09AM

      by coolgopher (1157) on Wednesday September 28 2016, @02:09AM (#407156)

      I disagree with both of your statements.

      1. No. I want a clear distinction between passive content and code (applications). News-"papers" -> passive content. Gmail -> app. Under no circumstance should the gmail app get to run anything on my system without my express authorization. There's a damn good reason why modern CPUs have page protection bits saying whether the bytes kept there are allowed to be executed or not. The current browser paradigm willfully ignores what other areas of the computing industry learned years and years ago.

      2. No, people want stuff that works and lets them do things they like doing. They couldn't give two figs about how that happens under the hood. It's on us techies to make what's under the hood not suck. Currently we're doing a bad job at that.

      And bless Stallman's little heart - we need someone on that extreme end of the scale to help balance the other bunch.