All operating systems that exist today have a problem in security structure. When running programs, systems and programs can influence each other. Although only one program that has a security hole, hackers can attack all the programs and system components that was loaded into memory.
A hacker from Poland, Joanna Rutkowska who managed to penetrate the best defense of Windows, have any idea how to create a free operating system from hacker intrusions. Capitalize knowledge of the weaknesses of the kernel-based systems, so he built Qubes OS. “Security through isolation” is the principle behind the Qubes OS.
According to this principle, each program “locked up” in a virtual machine (VM). When a PC running the program Firefox, Office, and the media player in parallel, Qubes OS is also running three virtual machines, for each program. If an open security hole in Firefox, the attacker is able to exploit loopholes, but he can not attack the system or access other programs.
The main difference between Qubes OS and conventional operating systems lies in software and hardware interfaces. On Windows, Mac OS X, or Linux, everything is controlled by a large monolithic kernel. Meanwhile, the Qubes OS, the hardware is controlled by a software layer that sleek, called Xen Hypervisor.
Xen virtual machines and to keep the VM is not running on their own. Almost all of the components that communicate with the outside world, such as file system or hardware drivers, are stored in the virtual machine. Xen is the only component in the operating system is not running in virtualization.
One error in Xen will make all the security mechanisms do not work. Of course, it is becoming the biggest weak point. Therefore, the developer team is trying to get Xen remains compact so as to minimize potential errors. For comparison, Xen contains about 100,000 lines of code, while Windows about 10 million, even more. For you, the users prefer the free surfing, you should start thinking about an alternative operating system that is completely safe and has a principle: Qubes OS.
No comments:
Post a Comment