Thursday, October 30, 2008

New Direction

Okay...I don't even know who has been reading and who hasn't, but since my day job has completely stopped me from being able to hack the Nintendo DS, what I have decided to do is post what I am doing on my real job for now, and perhaps get back to DS hacking at some time.

What is your real job, Rod?

I hear you asking. Well, I work for a startup, Secure Command, LLC, and we are developing/have developed an application, Internet Cleanroom. Internet Cleanroom works on virtual machine technology. My boss, Dr. Anup Ghosh, a leading researcher in computer security, has taken his research and made it a commercial product. I am the lead developer of the application.

What is Internet Cleanroom, Rod?

I thought you might ask that. Well, Internet Cleanroom allows you to go anywhere, do anything on the Net without having to worry about malicious code or infections. IC (Internet Cleanroom) is a preemptive measure: instead of running virus scans after the fact to see if your machine has been infected, IC will let you know immediately, while it is taking place (more on that later). IC runs your designated applications in the safe, secure environment of a virtual machine.

A Virtual Machine?

Yes, if you are unfamiliar with virtual machine technology I can blog on that next time, but for now just imagine it as another computer (a separate desktop environment running your operating system) on your computer. This VM (virtual machine) is now where you work and do whatever you wish to do on the Net with no worries (hakuna matata). The IC VM works like a whiteboard: do what you wish, download what you like, go where you like, do whatchalike (ahhh...my name is Humpty, pronounced with an Umpty...okay, okay, got a little jiggy there). So, back to the whiteboard concept.

Imagine you go to some site, I don't know, www.hotparticleaccelerators.com (those leptons, quarks, and gluons sure are sexy). Anyway, you download some super-string theory article, and BOOM, the recreation of the Big-Bang theory has just blue screened your computer, or worse, some Bekenstein-Hawking radiation has slowly crept onto your machine and, stealthily and systematically, is opening a black hole onto your computer. "There's no need to fear, IC is here!" You don't panic, you actually smirk at the intruder, and like a whiteboard, you take out your eraser, wipe it away, and go on your merry way.

You are in the safe confines of a VM so all you do is hit the revert button on the application and poof, you have a new pristine environment.

That's it?

Yes, that's it, but wait, there's more...tell them what else they get, Rod. IC allows you to see the culprits in action, with a technology we call "WebCanary" (like the canary in the coal mine). When you are working in a VM and something spurious takes place, we immediately pop up a dialog box and inform you that an infection attempt is taking place. You can just revert the machine, but if you are like me, and curious, then you can click the button on the dialog that allows you to see what the culprit is doing live. The WebCanary is a forensic tool that allows you to see all that the malicious software is doing, all the goodies: URL redirection, buffer overflow attempts, renaming of files, registry writes, hidden file attempts, spawning of processes, etc... We capture the processes the malicious software writes and launches and take an MD5 hash snapshot of each, so we can verify if it is legit or not, and the most important thing to you is we capture the URL of the culprit. Actually, with the WebCanary, it is fun to try and find malicious sites, because now you can see exactly what the hackers are trying to do to your machine. It's like holding a glass jar with angry hornets inside, and you can just watch, gaze up close, and if you are a little devilish, shake the jar around and watch them get angrier (hee hee hee).

Well, there is some other cool stuff IC does, but I've got to get back to work. Perhaps I'll post some screenshots, or you can go to www.securecommand.com for more info. There is a beta on the site that allows you to run a secure browser. It doesn't include the WebCanary, but you can get an idea of the power and safety of working in the VM.

Until next time...be safe out there, it's a crazy Web.