
Archive for September, 2009

When I come in to work every morning I follow a standard routine.  First, I make sure to grab some coffee and fruit down at the cafe.  I then check my email, voicemail, calendar, etc. and plan my day accordingly.  Next, I catch up on the news – technical, political, weather, security, sports, etc. Trite, cliche, boring eh?  Well, the way in which I go about accessing the Internet is somewhat unique….

A colleague of mine recently turned me on to the concept of ‘ephemeral desktops’.  The idea behind ephemeral desktops is simple.  The reality is, an attacker can catch any one of us snoozing at any given time.  Maybe clickjacking?  Perhaps drive-by downloads?  Phishing malware? etc.  Inevitably, every organization at some point or another will have an employee fall prey to persistent malware and put their company’s network at risk.  Ephemeral desktops are a great tool for mitigating persistent malware threats.  How do they do this?  What exactly does this mean?

Getting back to my daily routine…before I check the news, I load a custom Ubuntu 9.04 live CD (that my colleague has put together).  This Ubuntu live CD is read-only with a few useful applications to assist me in doing my job, including both SSH and VPN clients.  The idea behind the ephemeral desktop, in my case the tinkered-with Ubuntu live CD, is that nothing can be written to disk.  This means no persistent malware can be written to disk because I am manipulating the Internet with a browser on a read-only CD.  Perhaps, while using my ephemeral desktop, I browse the Internet and accidentally download some form of persistent malware.  It really doesn’t matter.  The next time I boot from my Ubuntu live CD I will be starting, once again, from a clean state.  I can lose the battle but still win the war.
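The "nothing can be written to disk" property holds only while no local disk is mounted writable in the live session. The following check is an added example, not part of the original post: it parses a mount table in `/proc/mounts` format and lists block devices mounted read-write. The function name and both sample tables are constructed for illustration.

```python
import os
import re

def _unescape(field):
    # /proc/mounts encodes spaces and similar characters as octal, e.g. \040
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def persistent_writable_mounts(mounts_text):
    """Return (device, mountpoint, fstype) for each block device mounted rw.

    Scope (assumption of this example): only sources under /dev/ are
    considered; network shares are another persistence path not covered here.
    """
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or malformed line
        source, mountpoint, fstype, options = fields[:4]
        if source.startswith("/dev/") and "rw" in options.split(","):
            findings.append((source, _unescape(mountpoint), fstype))
    return findings

# Constructed sample: a live session whose only writable layer is in RAM.
CLEAN = """\
aufs / aufs rw,relatime 0 0
/dev/sr0 /cdrom iso9660 ro,noatime 0 0
/dev/loop0 /rofs squashfs ro,noatime 0 0
tmpfs /cow tmpfs rw,noatime,mode=755 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
"""

# Constructed sample: the same session after an internal disk was mounted rw.
TAINTED = CLEAN + "/dev/sda1 /media/disk\\040one ext3 rw,nosuid,nodev 0 0\n"

if __name__ == "__main__":
    if os.path.exists("/proc/mounts"):
        with open("/proc/mounts") as fh:
            table = fh.read()
    else:
        table = TAINTED  # fall back to the constructed sample off Linux
    for dev, where, fstype in persistent_writable_mounts(table):
        print("writable persistent storage: %s on %s (%s)" % (dev, where, fstype))
```

An empty result means the session has no writable local disk mounted at that moment; it says nothing about disks mounted later in the session.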

The idea behind lightweight, ephemeral desktops is auspicious considering the direction we are headed with the cloud.  As for virtual environments, users require a client to interface with a particular environment.  Currently, virtual environments rely too heavily upon these clients for functionality (scripting and condensed physics engines).  It may be interesting to pursue research concerning ephemeral clients (with similar principles to the ephemeral desktop) that will always start from a clean state.  Despite what malicious content may or may not have been downloaded from a previous virtual experience, a user can trust that no persistent malware has been written to their disk.


NATO to implement virtual world

Wired reports that NATO is going to implement virtual worlds to improve administrative ability, especially around training and meetings.


A few weeks ago I was fortunate to attend a talk concerning the utility of virtual and synthetic worlds.  One idea mentioned was the concept of using virtual environments as a means by which to visualize and interact with complex systems.  From a security perspective, complex systems and the amalgamation of varying components often result in many unforeseen security issues.  Systems interacting with, and depending upon, one another in ways they were not originally designed to will leave holes in the fabric (a fun platitude for security folks to chew on once more).  Unfortunately, no revolutionary solution for devising uniform, comprehensively secure systems from their genesis is coming any time soon.  So what can the security community do to complement these manifold systems?
 
This idea of using virtual environments to visualize complex systems is very powerful, especially from a security perspective.  Visualization would allow security engineers (network admins, application developers, etc.) to see, dynamically, how systems are working and interacting.  For instance, if a Web server begins to see heightened traffic rates, perhaps a visual image of the Web server (a blue server box or something to make it uniquely distinguishable) would expand to raise a red flag of a potential DDoS attack.  Perhaps a visualization of a complex system would allow admins to see what different protocols (lines w/ different colors?) are being used for disparate systems to communicate.  Maybe, with regard to the “cloud”, visual representations for depicting VM segmentation and resource allocation could be used to symbolize data leaks between VMs, exposure to the host and hypervisor.  The potential ways to use system visualizations via a virtual environment are endless.  The next question is, how can one trust the visualizations one is seeing?  But that’s for another day…
 
What about the ease with which users would be able to interact with their infrastructure?  No more manually grep’ing through log files and modifying systems via command line and shell scripts.  It’d be much easier to visually see a comprehensive view of one’s infrastructure and be able to make modifications with a few mouse clicks.  Instead of interacting with complex systems by means of such complex methodology, we should be working to interact with them in more simplistic, intuitive ways.
 
Today, every systems engineer devises many system and network diagrams before deployment and implementation.  But these forms of documentation are static.  We need to begin implementing living visualizations that dynamically interact with our living systems. 
 
Please understand this is simply conceptual and would require quite a bit of work to take place under the hood, but it’s fun to think about.
