 Hi everyone, welcome to the seminar. So today's speaker is Adrian Taylor who came all the way from the UK for this talk. Adrian did his undergrad at the University of Bristol and then his grad studies at Imperial College. And he then worked for Symbian and Real BMC and a couple of other companies. So now she's at Bromium and we'll talk about some work they do in the intersection of virtualization and security and as you can see there is equipment for the demo as well, so it should be good. Hi everybody, so as he says, Bromium is a company that does virtualization and security. We founded by some of the same people who created the Zen hypervisor. So could I have a show of hands? Who's come across Zen? Who's heard of Zen? Okay, excellent. So that's the hypervisor used in lots of the major cloud services like Amazon and Rackspace and things like that. What I want to talk through today is what we do at Bromium. We isolate things in the endpoint for added security. I'm going to give you some slides obviously and also some demos of some simple malware attacks and how we can help with that. And I'm going to need to see my notes so I can wonder if I can form a story about that. Bromium is a company. It's 45 people or thereabouts in Cupertina so not far from here and another 45 in Cambridge in England so obviously you can tell I'm from the Cambridge side. And I want to start off by telling you a story. This is a true story about a petrochemical company. I've changed some of the details but it's basically true. Every Wednesday the CEO gets his emails stolen and he's getting quite wound up by this. And the way it works is the attackers, whoever they are, the first tier of attackers will come along at 10 o'clock in the morning say and they will try some simple exploits that were tried the week before, well known attacks and they'll see if they can get the details, the commercial secrets, the trade secrets from this petrochemical company. So whether they're exploring oil or building rigs or whatever commercial information they want. And usually that doesn't work of course because there's inevitably lots of preventative measures on their network. There's firewalls, there's intrusion detection systems and antivirus and things like that. So usually the first wave of attacks doesn't work. So an hour later, if that didn't work, then the attackers will escalate within their organisation. They're very organised, they're very commercially minded. And a second tier of attackers will come along and try something a little bit more controversial, a little bit more fruity and will try some exploits that perhaps haven't been seen very often and aren't well known in the security community. Usually that will work. Do you want to make a slide here? Yes, often that will work and often the attackers will manage to get the stuff they need. But if it doesn't work, a third tier comes along an hour later and they'll try something completely new. Some totally new exploit that hasn't been seen for. And in the end the attackers will get their email and get the trade secrets that they need, which is all slightly sinister. I know I've heard this story about a year ago. This is still pretty much continuing. And the scary thing is the company that's being attacked, they know they're being attacked. It's very consistent. They know when they're being attacked and they know roughly who they're being attacked by. But they can't do anything about it because there's always more zero day exploits and things that the attackers can use. And in fact they can characterise their attackers so well that they know when it's their appraisal time. When the attackers in this attacking company or whichever organisation it is, when their appraisal is due, they try that little bit harder. They steal some more people's email and they do extra sinister stuff. So they can characterise their attackers that well but they can't actually do anything about it. And just in case you think this is a one-off incident, clearly you guys here have the NSA. And the fox acid revelations that have come out of Snowden in the past few weeks shows that the NSA does pretty much the same thing. They will choose attacks to use against high value targets depending on the value of that target, depending on all kinds of criteria about how likely the attack is to succeed and how much they care about whether the attack is discovered and broadcast to the wider security community so that it's subsequently an antivirus product. So this sort of phased approach with different tiers of attackers is used by you guys and other people around the world. It's a great effect. So how does it typically work? It typically works with some sort of spearfishing attack. That means that somebody gets an email or something which is very convincing and causes them to load some data from outside the network, whether that's an attachment, obviously a web page, something like that. That will then result in the execution of code to parse and understand that data format. So a daily reader will open the PDF or an internet explorer will go and actually render the website. And they will run exploiting some bug in that code to get some code running on the PC. And the bad guys only need to get a few bytes of code running and from there they can build up to a more complicated payload, more complicated attack mechanism until eventually they can get enough code running on the machine to have full access to it and fully poke around it and see what's happening there and on the network. So once they've got that foothold, then from then on it's very easy for them to see what's going on, both on the PC and on the wider network. So two things about this story of doom sounds a bit implausible. One of them is that there are so many exploits. Well, there are. So here's a price list and I wish we'd come up with this but it was an article on Forbes.com showing how much on the open market you can buy a zero day exploit for various things. So simple attacks for the only reader allegedly go for just $5,000. So if the guy you're attacking, the company you're attacking uses a domain reader and you're a bad guy, it's economically rational, you'd spend $5,000 just to go and attack them and steal any secret that's worth more than $5,000. For stuff that's a bit more secure, into the explorer you're going to have to pay more. iOS, there's not a lot of vulnerabilities known so you have to pay a lot to get a vulnerability to get an attack there. But these numbers I find quite terrifying. There is an open market on these things and if you're a bad guy who wants to attack an organization, it's reasonably cheap to go and get a new zero day exploit you can use to do that. Something like Chrome, which sort of does a better architecture, uses more processes running at lower privilege and is also aggressively patched all the way through to start the browser. It's a good question. And actually I simplified this table. In the original Forbes article, this row, Internet Explorer, also listed Chrome for the same price. Now as I say, these are not our figures. They sound plausible to me, but I would have expected Chrome attacks to be more expensive, yes. Yeah, I would too. So the other thing that sounds kind of implausible is that people would fall for these spearfishing emails. This is a photo of the limo at my hotel in Cupertino. And the reason I bring this up is just last week, a guy called Kevin Mandir who runs a very well known, one of the premier Internet security companies, he apparently got spearfished. And he got spearfished like this. He uses a lot of limos and some bad guys somewhere sent him some emails which were purported to be the invoices for his limo journeys. So they not only knew which limo company he was using, but they knew where he was going so they could put together the right kinds of invoices and presumably these were PDFs and presumably he opened them, presumably malware may have executed on his PC and in his network. So if the bad guys are going to go to that level of detail and possibly even have physical spies on the ground to find out what these guys are doing, then there's really no hope for us. And I certainly, you know, I can't rule out that I would fall for a spearfishing thing and I'm sure that applies to basically anybody. So the combination of the very precise spearfishing and the seemingly unlimited number of zero day attacks is not a good story. And so what I'm going to do now is do the first demo. I'm just going to show you a very simple spearfishing attack. Let me talk through the boxes I've got here. I don't know if you can see. I've got my Mac which is just, that's unrelated. I've got a Windows PC which I'm attacking. What I'm actually doing in the attacking is actually down here a little Raspberry Pi. Obviously I'm from Cambridge so we have to use Raspberry Pi for everything. But that's got Metasploit running on it. Can I have a show of hands? How many of you have heard of Metasploit? Yeah, and how many of you have actually used it? A few. Yeah, good. So I'm sure you know more than I do. So on this Mac I'm going to move this terminal window over there. This is the Metasploit console pointing at the Raspberry Pi. And I've set it up with a simple web server on the network here which is deploying a Java-based exploit. And this exploits if I get a slightly older version of Java. It was a zero day at the time. It's not a zero day anymore. It's fixed in the modern version of Java. But the point remains that a while ago this would have been a real attack against the current version of Java and right now it's not. And on the PC, if it comes to life, I will just show you what happens. So first of all, actually, I need to disable my own product. Because otherwise it will defeat me. At least in theory. So, I don't know if you can see that. Here is a fake spearfishing email from Yanis. And it's all about a survey of die-few preferences. And obviously you guys are white characters. I imagine that's the outcome of the survey. But if we click this link, and I don't know how many of you actually would do, but this goes to a fake URL pointing to a web server which is actually running an exploit. So the web server is being run by the Raspberry Pi here. That's hunting as a web server serving up this exploit. So if I click on that link, we'll get into that explorer loading. And it should, or being well, navigate to the Raspberry Pi. Check that it actually does. So you can see it's raised square there. That means it's a Java applet. So here on the Raspberry Pi, you can see it's downloaded some Java stuff and it's deployed an exploit, which exploits a zero-day bug, or what was a zero-day bug, in Java to run some code on this Windows PC. So now, switching back to the Raspberry Pi, and there's my cursor. All we had to do was run a little bit of code on this PC by exploiting that Java bug in that web page. And now we can poke around it fairly easily. What session number was it? We can see it too. So we can do lots of things. Now we've got that little foothold in. We can find out about the PC. We can see the name of it. We can see it's a Windows PC. And we can find out what's running. There's a whole lot of apps running, as you'd expect on a normal Windows PC. We can look around the file system. In particular, what we really want is this document called Top Secret Stuff. So we're on the desktop. We can just download Top Secret Stuff. Oops, I didn't work, but you get the idea. And kind of hide this handle. Top Secret Stuff. Okay, I better need clothes to see where it is. There we go. So successfully retrieved the Top Secret Stuff from this PC. Very, very simply. I'm sure you would agree that it's slightly terrifyingly simple. And of course, all you need to do is find some code on the PC which can execute some bytes of evil malicious code. And that's the only foothold you need to deploy much greater payloads and much greater exploits and full remote administration tools. And of course, once I'm on this PC I can also go and explore the intranet and the LAN, which is more related to what you guys want to do in networking. So it's all a bit scary. Something's even more scary. As I say, I'm attacking from a Raspberry Pi here. If I were attacking from a full PC I could and would deploy a much more graphical remote administration tool to attack this PC. And I do it using Metasploit, so all the stuff you've seen would remain the same, but I would download and run an executable on the PC which provides me with more advanced hacking stuff. And some of the things that can do are a little scary. Obviously you can capture screenshots of what the PC is doing. You can install keyloggers. But the really terrifying thing I can look through the webcam, of course, you can see what this guy's doing sitting at his PC. He doesn't know what's happening. And a really, really scary thing you can turn off the little green LED next to the webcam. I always thought that would be electrically connected, but apparently my PC's it's not. That would be a big deal. Yeah. What's the spyware? So that's always really scary. In short. And of course, the whole idea is that there's not a lot that we can do about it because potentially it's a zero days that nobody can see before. So if I switch things a slight. So our belief at Bromium is that detection doesn't work. There's an open market in exploits and zero days. And of course the antivirus guys can't possibly keep up with that. There's always new attacks out there. And if you're a high-value target potentially you're going to be attacked with stuff that there's no hope of the antivirus guys seeing. And the same goes for the network intrusion detection stuff. A high-value target based on that price list of exploits. I mean anybody with a secret that's worth more than five grand. So detection is a bit doomed. So we believe in isolation instead. We assume that in every web page there is malware and in every PDF there is potentially malware. And we just isolate everything so that whatever it does it can't break out and attack your PC and attack your network. You're saying you're taking the same approach that the JVM and Chrome fail to do. So I'll speak at the end about the history of sandboxes and what we do. I'm happy to talk that through. So we have something that we call a microvisor. Now obviously a microvisor is a very good term hypervisor. It's a hypervisor which is optimized for lots of lightweight, small, similar micro VMs. And this is based upon the hardware virtualization extension we have in Molding, Intel and MDCPUs. So for that reason it can also be quite small. A lot of the hypervisors out there have lots of legacy code for dealing with complicated page table manipulation and things like that. But because we rely on VTX and on EPT we can keep it quite small. And the goal here is to have a small attack surface. It's obviously based on Zen as well. Now Zen as I mentioned is a hypervisor that's used and trusted by people like Amazon and Rex based for their cloud. Of course the theory on the Amazon cloud there might be a physical machine that has two VMs, one belonging to Pepsi and one belonging to Coke. I don't know if there is but it seems to be trusted to that extent that people were willing to take notice with it. So the combination of using that well-established Zen technology and a particularly small version of it means that our attack surface is quite small. But the really clever bit we do is we integrate it into the desktop user experience as it says there. So the goal here is that the PC basically behaves the same way. The user doesn't have to explicitly switch from a business world to a personal world or anything wacky like that that users hate. It should just behave as normal Windows PC and we transparently isolate stuff which is really hard. So here is the second demo where I do basically the same thing but with Gromium enabled. So first of all this is a PC I've now enabled Gromium on this PC and I just want to show you that it behaves like a normal PC. So you can see we've got a website here you can do whatever you want. It just behaves like a normal PC you can open lots of tabs do whatever you need to do dig around the website you can see it's behaving like a normal browser and you can't really notice the difference but it is actually very different behind the scenes you can use a debugging team we have for the status monitor to find out exactly what's running and you can see we've got three micro-VMs running there one for each of those websites so each of those websites it's potentially got malware but it's being isolated by our micro-advisor into micro-VMs so whatever bad stuff does run the rest of it can't get out it can't attack because our attack status is small it really should be able to the same applies with downloads and documents and so on so here's a folder full of things and you can see some of them have a little orange BR logo that means it's regarded as untrusted those are files and documents we've downloaded from the internet or have otherwise come into the PC from some untrusted source one of them doesn't so this one is regarded as trusted maybe this is something we've created ourselves and if you open a trusted one it will just execute in Adobe Reader as normal on your PC if you open an untrusted one we've got isolated into a micro-VM and I want to show you the performance implications of that because obviously firing stuff up in a VM sounds insane so I'm going to double click on this trusted one pretty quick should be similarly quick so similar sorts of performance there I used to work for real BNCs that's why that's the long story so you can see that from the point of view of the user it just functions like a normal PC some documents are trusted so they're not trusted but they really don't have to worry about that they just go about their normal business and you can see here again on the status monitor we've got an extra micro-VM for Adobe Reader up here for running that PDF so let's see what implications that has on the attack that I showed you previously so if I go back to to Yanis's naughty email click the link we'll fire up a new browser tab it'll ask me lots of annoying Java prompts and then it will run it but as you can see it is running it in a micro-VM so now switch back to the Raspberry Pi it has opened another session so you can see that a browser has connected and downloaded just the same stuff as it did before we're not trying to detect malware in any way and if I hack into it in exactly the same way session is 3 it's not nice one moment so now I can poke around in the same way as I did before I can see connected to Windows PC let's see what's running similarly we've got a list of processes at this point the attacker, if they're clever, will know something funny is going on lots of processes begin with BR suspiciously there's rather fewer of the standard Windows processes running as well but nevertheless it looks like a normal PC so the attacker might think oh good I want to steal their top secret stuff from their desktop so they might check them on the desktop do an LS and they find it's not there they find the top secret stuff is not there and that's because we've isolated them into a micro-VM that's really what we do so in case this is like a normal website and you want them to have access on a desktop, what happens there so you wouldn't in short, for example supposing you go into Facebook or something and want to upload an image that's a good example what we'll do is we'll detect that request or that desire from the website we'll show you a file selection box on the host you will select one individual file and that one individual file will be moved into the micro-VM and then uploaded to Facebook so it does work it just means we have to jump through some hoops so that's it for the second demand so a bit more about how this works behind the scenes here's a model of a PC in the middle obviously we've got the CPU and the hardware then around that we've got the kernel and moving out we've got the OS services and the OS libraries and then there's apps around the outside and here's three hypothetical enterprise apps that have to run on the host they're the ones that keep your secrets customer relationship management and all these other enterprise type apps and those ones we don't try and isolate we don't put them into micro-VM because they're trusted they don't involve reading data from outside of the organization but untrusted stuff we do isolate we have this micro-visor which is our very lightweight micro-visor and everything that's untrusted anything that involves processing data from outside the organization will isolate away so maybe you go to Facebook we'll create a micro-VM for that send for other websites similarly if you download untrusted documents or PDFs we'll create little slices of this PC views of this PC in this micro-visor So are you making an assumption that you want to attack those to the browser? No, so we don't the type text we support it's the Explorer Word, Excel, Powerpoints Adobe Reader, Windows Media Player Zip files So if I bring in a USB file I mean USB stick with an infected file so by default we mark stuff as untrusted and there are ways that enterprises can configure this policy but if you bring in a USB stick that is assumed to be untrusted and if you want to open a file from a USB stick if it's one of those file formats you support it will just be opened in a micro-VM so it's safe if it's some other file format you're going to have to explicitly mark it as trusted according to enterprise policies and so on so the attack surfaces that we cover the vast majority of the ways that enterprises are currently attacked is not absolutely everything but it is the vast majority of the way that data comes into the enterprise and so that's the majority of the attack surface covered It's like bringing your iPhone to work or something you know where it's compromised attacks your network or something you don't have the solution for We don't have a mobile version yet and yes what we're doing is cover every conceivable attack vector but actually it does cover almost everything and it's hard to see how you can protect against them that if people are going to bring their own device and attach it to the network and until we have a mobile version that particularly use cases are going to be covered so how does this games how many micro-VMs you can run you can run 50 or so on a normal enterprise laptop we're quite intelligent about swapping them in and out as well so if you have background work attacks you're not using them we'll swap them out so actually it really has no implication on the normal function of your PC how much more each micro-VM I'll come to talk more about it in a moment and I'll get on to the other side of it before we do how does this actually offer security benefits and the answer is that each of these micro-VMs has limited access to your secrets so secrets might be on your internet or they might be files on your PC oops, that's the wrong button so this PDF for example doesn't need access to any of your files it doesn't need access to your internet at all so we don't let it have any network access whatsoever either to the internet or internet but we don't let it have access to any of your files so that micro-VM doesn't have access to any sensitive stuff at all for a Facebook or something it clearly is going to be internet access but it's not going to be internet access so whatever stuff is happening in that Facebook VM isn't going to be allowed to access your corporate internet and of course it's not going to need access to your files with the exception of stuff like uploading images which I've already talked to so the implication here so I'll call it it's typically configured by the enterprise app when they install it but in the absence of that configuration we'll pick it up from the standard window settings that explain which terms which in terms of internet sources there is configuration to be there so these settings are per document like all PDFs are contained the same way or it can be made more specific in terms of the internet first internet settings in terms of what permissions they have please say PDFs shouldn't access internet since I've created a business with PDFs for four of its own it's quite magical in a bad way let's say an enterprise uses four of its own some other best PDF stuff so in general no if you have something like that if you have PDFs which needs access to internet you can mark it as trusted obviously then we'll ask security protection to spit as time goes by we're a young company and we're always working on more use cases like that so if you have a PDF right now on the internet then it will need to be so if I keep on a URL inside a PDF you're not going to create a new inside a new micro-vm we will detect that click we will let the host know that it needs to produce a new web browser to go to that PDF then to that website and that in turn will create a new micro-vm to run a business you can talk about your micro-vm architecture as much as I can go away right so the main thing about our micro-vm architecture is that they the micro-vms are very much copy on right so that's why the memory overhead is not too bad because on the whole they share the vast majority of the data and that applies to both disk structures and to the in-memory structures so when you create lots of browser tabs they will share all the memory pretty much and only when you actually come to do something with those tabs will the memory footprint start to diverge at which point we will do the pages in a copy on right fashion and only store the differences so the memory footprint of each additional micro-vm is actually basically zero until you do stuff with it at which point it becomes very similar to the extra memory you would have used had you been doing it in a normal host browser or something like that so it's all very much placed around copy on right and that is that's why we can be quite lightweight and run an awful lot of micro-vms on one piece yeah exactly very good question so the cache we don't I have to be careful about this because I'm not 100% sure I can't answer your question about the cache cookies we will be very careful about which cookies we make available to each micro-vm so if you produce a micro-vm to go to Facebook for example we will insert the cookies that are relevant to that website and only those cookies so wherever malware runs in that micro-vm and still have a lot of data it's not as simple as that there are complicated rules on how well they are I know that they have taken a lot of time to get right it is a very complicated area and the same applies to things like DOM storage there's actually quite a lot of ways with browsers to install state and we do support all it's all very complicated so we assume there will be malware in some of these and obviously that's bad but it doesn't really matter so let's move on to micro-vm and when you navigate away from that website or close down at the end that micro-vm just ceases to exist and will disappear so whatever malware it actually gets so long as they are in one of these micro-vm so we've isolated the entrusted stuff into it just ceases to be a problem and that's about it but there is one more thing I'm going to cover in a while in terms of what you can do to look at malware that's attacking you and the next is about the general sort of isolation role of our stuff one of the biggest problems with browsers is that often a single browser security is that often a single page will contain content from lots of different sources a good example is Facebook and so Facebook you know you load apps and whenever you load an app it basically gets access to the I mean anything on the page really has access to the DOM so it can read everything on the page so anything, any ad that's compromised on Facebook app, any malicious app whatever it can read all your data from that page and a lot of a big source of like a taxes sort of compromised advertising servers the double clicks of this world where they are tricked into like serving malicious ad which is part of your legitimate content and since it's in the same DOM structure basically it has access to everything on your page so it seems to me that isolating single web pages isn't enough you actually have to isolate the sub-dominance as well but there is a strong argument for that and it gets particularly complicated with things like iFrames and so on and we don't have a solution to that and whatever untrusted content happens on your Facebook website will be able to access all the other untrusted stuff that happens on your Facebook website can you see in criminal law class the opening of their page will you have any kind of comment on it, well they're really if you think about in tank stores supposing that you've got IU running I don't know 100 megabytes 200 megabytes to render that extra web page that's basically exactly the same footprint as us because everything else is shared in a copy and write fashion between the micro-bm so the additional round usage is very similar to the additional round usage of IU well yeah I don't use IU for all these reasons I use Chrome and what I know for sure is you want just a few tabs in very good ground so presumably they do all the they do all the same stuff when you look for your write it doesn't work it was just 100 megabytes it could be both yeah I mean a modern browser rendering engine uses potentially a gigabyte of RAM for a complicated web page as I understand it, Huffington Post is particularly brutal, if you go to Huffington Post it's going to use an awful lot of RAM an awful lot of CPU it's just we try and not use any additional overhead beyond that is there an argument that there's two separate problems that you're conflating here is that the browser is one chase here and you know you want to reasonably say a lot of people are business browsers so you don't need the dynamically executed VM so you use a conventional VM for that and then with PDF documents you think that the better approach would be to have some virus detector on the PDFs and you can take it from untrusted to be trusted because that's something where imagine somebody receives this untrusted thing and they just attach it as an email or to somebody else about it, you'd like to have it go through this transition there as you mentioned already is a need for it to be treated as trusted what are the two problems our view as company is that there's plenty of zero days what's out there and so trying to detect them just can't work so transitioning from untrusted to trusted is a difficult operation and you have to do it based on your belief that problems are the documents rather than any detection of any actual malware so it's an operation that a human has to do I really asked you a question about the two different use cases I think I just think that the engineering solutions might come out if you look at the solution problem ultimately we use the same isolation mechanism for documents and websites because that's the isolation mechanism we have and it does if all you have is a hammer well to come back to the previous point about the Chrome Sandbox I think that you meant that my question is like why are you guys why would we do this why do you think you're smarter than Google is the basic question Sandbox is because they're doing the same thing except they're trying to use on macOS they use the OSL virtualization which maybe has bears in it but Zen has bugs in it too I'm sort of not clear what the difference is they do the same thing it's a virtual machine it's copy on it's basically the same approach as we're like involved it is a very similar approach the difference is in sheer attack surface there's runs on top of the OS so potentially they're vulnerable to a whole class of kernel which we're not vulnerable to and we have some quite good demos where we stack a bunch of sandboxes on top of each other and then use a single kernel exploit to just break out and defeat them all because our stuff is below the level of the kernel all you're trusting is that small Zen based hypervisor is smaller that's all, it's just sheer attack surface size your argument is that the Zen could your argument is that sandboxes are vulnerable to kernel bugs which have a larger attack surface than a hypervisor on the other hand I'm familiar with lots of exploits in VMware and Hyper-V I expect that Zen is not immune to them as well and if this catches on it's likely that it'll be immobilized for Zen exploits we don't claim that we just claim that the attack surface is much smaller so they're just much higher and it comes back to that money based slide you want the attack surface to be sufficiently small there is one ray of light there is one kernel the L4 micro kernel where we actually prove that it meets the specifications now, whether we understand the specifications or whether they're logic errors that remains to be seen potentially with what it was 20 or 200 man years they spent working on it they were actually able to prove it correct so are you going to try to do this with Zen? it's a good question or switch it to L4 where they've actually done the work? also a good question it was one of the first questions I asked when I joined it, I can't remember the answers it would be lovely to formally verify the hypervisor at the root of all this because it is your root of trust I think a lot of the work in like information control is precisely trying to do that trying to prove it correct because if you can't prove it correct you really don't you have no really compelling reason to believe this point she has a size of attack surface and yes we're not claiming that we're not claiming that there's no books it's just that much fewer do you have a question behind you? I guess one you mentioned that the economic price so what's the going price for hypervisor experience? that's a really good question we haven't seen any yet but we might be out there it's probably expected that the attack surface is smaller but the price for it is much higher that we would certainly expect if there's two orders of magnitude less code or three orders of magnitude less code you'd expect the attack the price of the attack has to be two or three orders of magnitude higher and thus it won't be able to make sense to attack people who are using this sort of approach yeah so how is it different from running the browser all the time in a separate hypervisor so so the main differences are we're very optimised on a small similar VM so it's much more a wide-way approach and they are disposable essentially they're ephemeral they only exist for the length of time so whatever malware and attack there is gets thrown away the other answer is that it's nicely integrated in the user interface that's right it's pretty transparent so some of the other virtualisation solutions that have been proposed for the endpoint before they expect the user to switch between a business world and a personal world and explicitly make that choice and of course the users tend to hate that and it doesn't necessarily offer that many security benefits because to compromise the business world a CV or something to the business world which has some exploit in it that's where your business VM is compromised whereas because these are small they're just used for a single task and then they're thrown away there's no way that an exploit can persist so do these micro VMs have network access here local or remote? yes so it depends on what you're using it for if you're using it for a website on the internet it will have internet access but not intranet access so that's your question when it comes to hardware they have access to everything like the example that you gave with the camera how would it be different now it's all configurable on the basis of what hardware you're talking about but in general by default they won't have access I'm interested in your sort of underlying architecture for example are you actually running I mean presumably at Zen you really have multiple instances of the Windows kernel of the NT kernel with their own kernel data space or are you mainly slicing it at the application level otherwise you would wonder a little bit about your architecture it is at the lower level yes I can't talk too much detail about it but yes it's a from the point of view of inside this VM it looks like a blank copy of Windows so the interesting thing I guess is how do you handle things like you have a very interesting example where we have different views of the file system but from Zen's perspective it doesn't really have a lot of file systems in it it's about disks and disciplines so what mechanisms do you use to make it here to make it so that you can sort of see this directory but you can't see all the pieces all the files in it that's very interesting to me it is interesting it's a process that I can't really talk about but you can imagine I'm trying to work out how much I can say from the point of view of the inside of the VM it just looks like a disk it just looks like a blank disk containing Windows but in the real world we don't actually copy anything so you can probably reverse engineer some of it from there yeah I can probably figure out what am I doing another approach that's used in Linux is the OS level virtualization approach and like Linux containers for example the people have done this in Unix for years you have that dating back to Sherwood and BSDJLs and things like that it seems that you could do something similarly with this the same thing using OS level virtualization on Linux the disadvantage I guess is that you still have that larger kernel attack surface everybody is running on the same kernel yeah and you can argue that the OS level virtualization you're talking about there is a concept to be the same as the sort of sandbox in the criminals and it's all on top of the OS and it's all using kernel facilities to do the isolation and that's fine so I have a question for you why does Microsoft do what you're doing seems like a good idea because it seems that the sad part is that all of this seems to be that virtualization is this huge hammer and we're using it to solve problems because the OS is essentially broken it doesn't do permissions right it doesn't do protection right it doesn't have process isolation all these things that is the job of the OS to do it just doesn't do we haven't figured it out for half a century we think it's hopeless agreed okay I'll move on to the last bit oh last question do you have a back version or a latest version of it I will come to that guys can we keep the questions like 15-20 minutes to wrap up so we've talked all about isolation so far which is the main value of our product it's isolating potential sources of malware into these micro VMs so that it can't break out and attack your PC or your network there is one more thing which is what we call live attack visualization analysis in these micro VMs we know exactly what's supposed to be running we know we created this micro VM for precisely one task to run exactly one website now in the old days before all this stuff if an enterprise got attacked by some malware probably the enterprise IT guy would not find out about it the best case scenario is that they did find out about the malware and they'd have to run around frantically on broken PCs now we don't that's not necessary for us assuming that you trust our isolation because we're keeping the malware and the bad stuff locked up in a micro VM and also we can introspect it and see exactly what it's doing a little bit but we can do this because there's exactly one task running in each micro VM we know we created it maybe for showing PDF or for going to a particular website and we know the expected behavior if you open up IE to go to a particular website we know that it shouldn't be putting auto runs into your registry we know it shouldn't be trying to overwrite your boot sector there's a whole bunch of things we know it shouldn't be doing because there's precisely one task in this micro VM you can't make those resolutions about your host window system because it's going to do dozens of different things but because there's one task per micro VM we know what we should be expecting and so if it does something different we can tell the network IT guys that something fishy is going on and because it's isolated we can let it play out and watch what happens and watch what the malware does which is pretty cool and it's not the main function of our software but it is quite cool it's quite a bit more visually attractive than the boring isolation stuff which is actually the main value of our software so on top of all this introspection we do we have API so you can inspect the attacks that have happened and find out what the malware is doing find out what it's contacting all sorts of things like that stuff as well so this feature is called Lava for Live Attack Analysis and Visualization and we'll notify this across the network as well but here is the basic UI for inspecting an attack that happened on this PC in a micro VM and this is in fact what I did this is the same attack I did I just did it a few days ago so if I turn on all these different things we can see what happens so some Internet Explorer malware on the right side you can see at the bottom of the screen exactly what executables were executed you can follow through and find out what it is until eventually it got a command shell and started poking around the PC and we know all this because we're able to say one task per micro VM we know when it's doing something funny and we can start instrumenting it and watching what it does these are slightly more complex one so it dropped and executed a file so it contacted all these IP addresses it did lots of complicated stuff at some point it dropped and executed a file and the good thing about this is you can find out the SHR1s and the MD5 so it's kind of complementary to antivirus systems you can take that knowledge and insert that into your antivirus systems as well and it fiddled with the registry so maybe it looks like it did something with the Internet Explorer Proxy settings, I don't know if you can see that lots of registry values changed, lots of tracing masks and stuff did some more Internet connections lots of auto runs and eventually it ended up executing command shells and doing things like that weirdly it ramped at some point, I don't know why so you can see exactly what's happening in the case of where there is an attack which is quite cool as I say, it's not really the key feature of our stuff the key feature is the isolation this looks much more cool in terms of what we support right now we support Windows 7 we're working on Mac and Windows 8 and also some VDI stuff and in the future there will be mobile versions I am one of the mobile guys so that's the bit that I care about but right now it's obviously an enterprise product we're aiming at enterprises and they the vast majority of them use Windows 7 it's just about it so I'm sure we'll have more questions for you I was wondering if you had like a stratified product or stratified market if I was thinking about like a real spec for classified customers I can't talk about what we do with classified customers funnily enough no, I can't talk about that any more questions? yeah, so I don't know, I mean I'm a iOS developer and it seems that this is something that they don't provide the interfaces to do it there's no way you can possibly run like this on your iPhone so what are you going to do on my iPhone? it's a really good question we might not do any on your iPhone from my point of view as a mobile guy iOS does not have a real malware problem right now not a significant one so how to wait to see how that develops and I think for Apple speaking frankly I think for Apple to be interested in this there would need to be a significant iOS malware problem to develop first what's special about Apple's space minimization that you know and I'm assuming that the induce does that control this microvm we do the copy on right after most of our setup so it doesn't cause us problems the characteristics of microvm is maybe more similar in that respect than we would ideally want because we've got the isolation from the high-fives anyway it's an awful lot of security measures what do you think of do things like Windows user access control and outgoing firewalls do those things help at all cause you know certainly it seems like an outgoing firewall can detect all these weird connections and perhaps you know UAC it's designed to protect the red yeah I'm a mobile guy as well so one of the first things I did was when we started seeing these traces I decided to write a quick app which would plot on a Google Maps control on my Android phone exactly what IP addresses were being contacted by some typical malware attacks they were absolutely everywhere around the globe it was a bit depressing cause I wanted to see some cool patterns and see where the attacks were coming from but obviously that was naive and they just bounce off so many proxies and servers that there was no pattern to be discerned so I walked and used to be so like is that convenient and in terms of the registry access yes, again if you are trusting the kernel then that can minimize what can be done in terms of installing autostars and stuff and you should you know internet support shouldn't have a renderer request it should not have the right to do that and it can only do that if it's found some way to estimate privilege one of the most I guess famous or infamous I guess I exposed StetsNet which ultimately deployed sort of malicious Windows updates do you have any thoughts on how to protect it in something like that okay, trust me so when talking to your customers I mean do you see that some simple exploits like PDF or just asking users to click on like random links are they like the cost for most of the attacks and worries for large scale enterprises and what about things like let's say the hardware supplier to the enterprise itself has come to mind and they insert some root care something like that within the hardware it's all very sad and disappointing it could happen so at the moment we don't go against that in the future as one of these slides said we are working with the trusted execution technology and things like that to assert exactly what our high-five is and check that it's not been tampered with so you may see it's been doing more in the area in the future do you see such cases I haven't I have heard of them but probably in the same way that you have in general media if Microsoft picks this up I think there's another question why do they use this it seems like the Windows kernel does all the stuff maybe related to this so do you have an idea of how they would simplify the Windows kernel assuming it's running on top of all this Windows API is a terrifying power between the different micro-VMs and not the same set of inter-writers that are admitted between different Windows processes and indeed we use a lot of powerful Windows APIs to make this transparent and impossible but if you think about Internet Explorer we have to use a lot of powerful things there to be able to chop up Internet Explorer into multiple different websites essentially on multiple different browsers essentially spread across different VMs and if Windows has that sort of incredible powerful API it's hard to imagine how Windows can be secure unless they radically simplify the APIs based on attack sectors or Windows it's a really interesting approach that basically you sort of fork Internet Explorer into another that's really quite that's a pretty clever idea it seems like a good idea that should be generally explored explored some more there I guess there are some extent examples of other of things that I think is the software doing that as well and also there are things like Google native plan but I think the idea of forking it into another game is perhaps maybe the most interesting aspect of the sort of key aspect of your approach to the experience it is hard as you can imagine and lots of this technology is really really difficult I hope that what's left is really hard the transferring making the UI work stuff is really really hard as well conceptual idea well when I run a piece of code when I jump into a function actually switch to another VM is really interesting and that's something that I haven't seen I've seen it a couple of times but it seems like a really interesting mechanism that you can use for a lot of different things I've seen it used for optimization as well which is interesting your product only works for browsers so the use cases we support at the moment are browsers, PDF Word, Excel, PowerPoint Windows media files there are definitely a couple of other things but those are the main things that we isolate right now you may see that expand in the future ok, thanks for one more question so how much extra work is involved in adding more applications to the sort of applications that we support? the way we market it is very generic but there's a lot lots to be thought about in terms of making it work properly because you have to consider their interaction with the rest of the system if it's a very simple application it's easily trivial for us to put it in and isolate it but if it is a more complex and interacts with the rest of the system in sophisticated ways then we have to intercept more things and make sure that those are handled properly across the band thank you very much