USB Virtual PC’s

I was browsing the news this morning, and ran across an article - Virtual PCs add new layer of security. They claim:

MojoPac virtual PCs are not just designed for mobile use. They can protect users who share the same computer. A virus introduced by one user into their MojoPac, or virtual computer, would not affect the rest, according to RingCube.

"If you were to corrupt your virtual world, your host PC would be fine," says RingCube Senior Vice President Ron DiBiase.

Please note that the following comments aren't aimed at any one implementation of this approach – and it is an interesting approach – but more at the overall issue of USB (in)security. I can buy that once you get the virtualized environment booted, then any sort of nasty app you might be unfortunate enough to run would then scribble on your USB drive, and not the host system. What I can't get around is the fact that USB was created without much thought to security. They carry around their own drivers. They're usually on a FAT file format, and thus have no protection from the host system. So the USB drive can attack the host when it's inserted, and the host can attack the USB drive. This is exactly the problem we used to have with floppies and boot sector viruses back in the bad old days.

I'm not pointing out anything new – numerous people have pointed out the flaws in USB drives (FireWire is worse – direct memory access) for several years. I can see where this technology adds convenience, and some privacy (assuming the host isn't just spying on them and logging everything that happens), but I don't see it adding security – I see it bringing back an old virus vector. If someone were to write malware targeted at this environment, it could spread very quickly. I wouldn't feel any safer logging into a kiosk with one of these – it might be a reasonable way to keep your personal stuff off your work system, but then I have some trust in the host, and I know where all the USB devices plugged into that system have been.

Comments

  • Anonymous
    January 03, 2008
    I don't understand how USB devices "carry their own drivers." From my understanding, the USB device exposes identifiers during enumeration that the operating system uses to select existing drivers or to prompt for new drivers. This is all covered by presumably effective security strategies. After drivers are loaded, I can understand possible threats if auto-run is enabled, or if the user clicks on executables located on the drive. But is there some other mechanism that I'm not familiar with that allows a USB device to directly supply drivers to the host?

    [dcl] The USB device sometimes has the drivers so that when you plug it in, the OS (assuming you're an admin) will just use them. Worse yet, the device has direct memory access.

  • Anonymous
    January 07, 2008
    I have bad news for you, David. Firewire is not worse than USB for having direct memory access - because USB uses DMA as well. I gather there are even some forensic devices that use this to snoop what's in current memory.

    [dcl] OK, I stand corrected. They're both as bad as it can possibly get. Thanks - I feel so much better now...

  • Anonymous
    January 08, 2008
    The other thing worth mentioning, of course, is that if your PC is protected but "you were to corrupt your virtual world", then what you value - your data in your virtual world - is gone. If we're not going to care about whatever world we spend our time in, then we could do the same with a PC - flatten and restore it every so often. The hardware, after all, is still safe. Protection of the PC is simply a means to an end - the end is to protect our data and our ability to use it (i.e. keep our applications functioning).

    [dcl] Yup, agreed - though a nitpick - the hardware might not be safe. Look at some of the recent developments in rootkits, going into writable hardware memory. I think it's a nice thing for privacy - say I'm going on a business trip with my business laptop, and want an easy way to keep personal and work completely separate, but it isn't a real security solution.