January 14, 2009, 4:41 PM — Security vendor Symantec is using new virtual machine technology to protect Web surfers from online attack.
Called Vibes, the software bounces between three different virtual machine sessions, depending on what the user is doing on the Web. When Vibes spots the SSL (Secure Sockets Layer) protocol used for secure Web transactions, it puts the user into a "trusted" virtual machine designed for things such as logging into banking sites. If the user starts running untrusted applications off the Web, then Vibes moves into a "playground" virtual machine where untrusted software can be run.
There is also a regular "user" machine mode for most day-to-day Web surfing.
Because Vibes runs inside a virtual machine, even if the user somehow installs malicious software on the PC, the virus can't access anything important and it disappears when the virtual machine session is closed. "We want to prevent malicious programs from damaging end-users' machines," said Tzi-cker Chiueh, a senior director with Symantec's research labs, at a press event in Mountain View, California, on Wednesday.
Want to run an e-mail attachment that is also an executable file in playground mode? "We say go ahead," Chiueh said.
Vibes is being developed by Symantec Research Labs, and it may never make it into a full-fledged product, but some components of the technology may end up as part of Symantec's product line. The current Vibes prototype uses VMware and Linux, but it could easily support other virtualization products and operating systems.
Vibes uses a management agent to keep track of what the user is doing with the browser and make the switch between different virtual machines as seamless as possible.
Virtualization technology has already been adopted in data centers, where it is being used to consolidate server applications onto fewer machines. But now companies like Symantec are looking at ways to use the technology on the desktop as well as the data center, and in so-called cloud computing platforms, said Mark Bregman, Symantec's chief technology officer.
Symantec says that about a third of its current Labs projects touch on virtualization technology.
Virtualization could be used to better divide up the everyday PC. "We might want to partition into a personal and enterprise portion," Bregman said.
One other project that Symantec is testing is GoEverywhere, a Web-based workspace environment that lets users access different Web applications from a single site. A test version of GoEverywhere is open to the public and being used by about 2,000 people. Symantec would like to allow users to store and share files using GoEverywhere, although that's not possible right now.
Projects like Vibes may become more popular as users look for a way to avoid increasingly prevalent Web-based attacks. In 2007 Google acquired Green Border, a Mountain View startup that built a similar product. "I think they are going to be used, because basically that approach is the only option," said Jeremiah Grossman, chief technology officer with White Hat Security, via instant message. "Browser vendors either can't or won't provide adequate security by default. We'll need add-on security."
