I wonder how effective this will be. Things like file downloads need to escape the VM. Persistent data is required (cache, cookies, passwords, etc.).
Brave VMs to destroy themselves, any malware they find on HP's new laptop
HP has announced plans to integrate Bromium's virtualization technology into a laptop as a defence against malware. The soon-to-be-launched EliteBook x360 1030 G2 will feature virtualization-based security built into the hardware in the form of a feature called Sure Click, which will go on general availability in Spring. The …
COMMENTS
Tuesday 14th February 2017 03:17 GMT P. Lee
There seems to be some confusion in the article as to whether it is tab-based or application-based. I'd assume application if it's a VM, and there's no reason why it shouldn't be persistent if it is not asked to wipe itself.
This is more along the lines of how things should work, but it's a little sad that it's a third-party thing and not an OS thing.
Downloads do need to be handled. The right way to do it would be to have the browser ask the host OS to pick the file up from a download cache area. The host OS would then ask the user if they want to retrieve the file into the host OS data area and initiate the transfer. The guest VM should not have outbound (to the host OS) capabilities beyond very simple message passing.
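The brokered download flow P. Lee describes, as an added example that is not part of the thread or of HP's or Bromium's product: the guest VM can only drop a file into a shared cache directory and send one small message naming it; the host validates the name, confirms the resolved path is still inside the cache, prompts the user, and copies the file into the host data area without ever overwriting anything. The message format, the directory layout, the `MAX_BYTES` ceiling and the `ask_user` prompt callback are all assumptions made for this example.

```python
"""Host-side download broker for a VM-isolated browser (constructed example).

Assumed protocol:
  guest -> host : {"op": "download_ready", "name": "<bare filename>"}
  host  -> guest: {"status": "retrieved" | "declined" | "rejected", "detail": "..."}
The guest never addresses the host filesystem; it can only name a file it
already placed in the shared cache, and only the host decides what happens next.
"""
import os
import re
import shutil
import tempfile
from typing import Callable, Dict

# Bare filenames only: no path separators, no leading dot, bounded length.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._ -]{0,254}$")
# Ceiling on how much the host will ever copy out of the cache (assumed limit).
MAX_BYTES = 200 * 1024 * 1024


class DownloadBroker:
    def __init__(self, cache_dir: str, host_dir: str,
                 ask_user: Callable[[str, int], bool]) -> None:
        self.cache_dir = os.path.realpath(cache_dir)
        self.host_dir = os.path.realpath(host_dir)
        # UI prompt, injected so it can be scripted; the host asks, not the guest.
        self.ask_user = ask_user

    def handle(self, message: Dict[str, str]) -> Dict[str, str]:
        # Exactly one operation is understood; anything else is refused outright.
        if message.get("op") != "download_ready":
            return {"status": "rejected", "detail": "unknown operation"}
        name = message.get("name", "")
        if not SAFE_NAME.fullmatch(name):
            return {"status": "rejected", "detail": "unsafe filename"}

        src = os.path.realpath(os.path.join(self.cache_dir, name))
        # Defence in depth: after the regex, confirm the resolved path is still inside the cache.
        if os.path.dirname(src) != self.cache_dir:
            return {"status": "rejected", "detail": "path escapes cache"}
        if os.path.islink(os.path.join(self.cache_dir, name)) or not os.path.isfile(src):
            return {"status": "rejected", "detail": "not a regular file"}
        size = os.path.getsize(src)
        if size > MAX_BYTES:
            return {"status": "rejected", "detail": "file too large"}

        if not self.ask_user(name, size):
            return {"status": "declined", "detail": "user declined"}

        dst = os.path.join(self.host_dir, name)
        try:
            # O_EXCL: never overwrite an existing host file, even on a name collision.
            fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        except FileExistsError:
            return {"status": "rejected", "detail": "name already exists in host area"}
        with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
            shutil.copyfileobj(inp, out)
        os.remove(src)  # the cache copy has served its purpose
        return {"status": "retrieved", "detail": dst}


def demo() -> Dict[str, Dict[str, str]]:
    """Drive the broker with constructed messages in temporary directories."""
    cache = tempfile.mkdtemp(prefix="guest-cache-")
    host = tempfile.mkdtemp(prefix="host-downloads-")
    for fname, body in (("report.pdf", b"%PDF-1.4 constructed sample\n"),
                        ("setup.exe", b"MZ constructed sample\n")):
        with open(os.path.join(cache, fname), "wb") as f:
            f.write(body)
    # Scripted user: accepts the PDF, declines the executable.
    broker = DownloadBroker(cache, host, ask_user=lambda name, size: name == "report.pdf")
    results = {
        "ok": broker.handle({"op": "download_ready", "name": "report.pdf"}),
        "declined": broker.handle({"op": "download_ready", "name": "setup.exe"}),
        "traversal": broker.handle({"op": "download_ready", "name": "../../etc/passwd"}),
        "bad_op": broker.handle({"op": "read_host_file", "name": "report.pdf"}),
        "missing": broker.handle({"op": "download_ready", "name": "nothere.bin"}),
    }
    shutil.rmtree(cache)
    shutil.rmtree(host)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The point of the shape is that the guest's only capability is the one message; every decision (is the name sane, is the path inside the cache, does the user want it, is the destination free) is made on the host, so a compromised guest gains nothing beyond the ability to offer a file for the user to accept or refuse.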
Monday 13th February 2017 16:08 GMT GingerOne
They talk about this being in the hardware but then describe software. And isn't the EliteBook aimed at the Enterprise? Our machines never see the OS install they come with; out of the box they are booted to PXE immediately for the corporate image to be installed.
Think most are going to be more interested in seeing a download for this rather than having it baked in.
Monday 13th February 2017 22:20 GMT Anonymous Coward
Re: Sandboxie?
Sandboxie is a user mode sandbox (similar to Chrome sandbox) and thus vulnerable to kernel exploits which means it is not that hard for a skilled malware author to break out of. This technology uses a virtual machine and so the kernel is removed as an attack surface. Breaking out of a virtual machine is extremely difficult.
Monday 13th February 2017 16:34 GMT Anonymous Coward
Won't work
When Chrome was first released, one of its major selling points was that each tab is a separate process and all add-ins are sandboxed. But then things need to escape sandboxes and communicate across processes in order for the browser to function (in a usable manner anyway). So holes are left anyway.
Plus, most malware these days seems to be just a scary webpage followed by the user doing everything they possibly can to bypass protections and infect themselves. Browser exploits barely feature any more.
Monday 13th February 2017 17:45 GMT Sandtitz
Wait a minute...
HP had a somewhat similar product a decade ago, "Mozilla Firefox for HP Virtual Solutions".
Perhaps the virtualization layer was working as advertised, but HP didn't keep up with the update cycle of Firefox 2.x, so the product was quietly killed.
This 'Bromium VM' thingy seems like just another sales gimmick.