SoylentNews is people

posted by Cactus on Saturday February 22 2014, @09:15PM
from the get-outta-my-sandbox dept.

CQ writes:

Qubes-OS, the Security-by-Isolation, VM-based operating system, has concluded that a port to the Windows OS line isn't feasible. In this post, the CEO of Invisible Things Labs outlines what she had hoped to accomplish with the port and her explanation of why it was just not meant to be.

This paper [pdf] contains all the technical bits you need to know, and the explanation on why the Windows APIs and system architecture are not appropriate for the task of creating an isolation system. It also has some interesting (if that's your thing) information on the Windows security model.

Does anyone here have any experience with Qubes? Does it make sandboxing easy enough for day to day use?

 
  • (Score: 5, Interesting) by jonh on Saturday February 22 2014, @10:12PM

    by jonh (733) on Saturday February 22 2014, @10:12PM (#4974) Homepage

    Reading between the lines of the PDF, it seems to be saying that they think they could have come up with a working solution if they'd bypassed the Kernel Patch Protection (and presumably gone on to patch the Windows kernel), but they didn't want to go down this route because they were worried that Microsoft might sue them. Is that a fair interpretation, or am I reading too much into it?

  • (Score: 5, Informative) by maxwell demon on Saturday February 22 2014, @10:45PM

    by maxwell demon (1608) on Saturday February 22 2014, @10:45PM (#4990) Journal

    That was one of the stated problems. The other one was security considerations. They didn't elaborate on that, but I think it's obvious: If your security relies on undocumented functionality which you are not supposed to use, then you cannot know if the next update of Windows will make some modifications in that functionality which happen to put a gaping security hole into your application (this doesn't even need to be intentional; the developers are allowed to assume nobody else uses that undocumented functionality, so they can change it in any way that fits, as long as the documented functionality doesn't break).

    You don't want to base your security on something which may change at any time in any conceivable way.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 1) by doug on Sunday February 23 2014, @04:19AM

      by doug (2830) on Sunday February 23 2014, @04:19AM (#5074)

      Basing your security on something that may change is perhaps viable if your business model is to be acquired by the OS vendor... as opposed to serving end customers.