Computer World UK has a curious article about the latest research from Joanna Rutkowska. She is best known for her security work around virtual machines, including the Blue Pill rootkit that uses virtualization to trap an entire OS.
Qubes OS is an operating system she developed based on her earlier research. It is not surprising to read that it uses a set of VMs to compartmentalize applications. Which application runs where seems to be decided along functional and resource lines; the article mentions network and storage VMs, for instance. What this alpha software appears to do is provide a unified GUI so that the user doesn’t need to know where applications actually run.
Separating applications this way means that a piece of malware or an attack has a tougher time accessing anything outside its own VM compartment. This is similar to a common idea among some security folks of using separate browsers for sensitive and non-sensitive tasks; Qubes OS takes that to its logical conclusion.
The hypervisor she chose is Xen, which is one of the faster ones owing to better integration with the host OS. Linux, NetBSD and Solaris can run as the bottom layer in Xen’s architecture. For simplicity’s sake, she chose to use Linux both for the host and in the various secure compartments of Qubes OS, but if the practical approach proves feasible, then any guest OS Xen supports should work. Xen is also apparently easier to audit for security purposes owing to its simplicity, especially compared to other hypervisor options.
She has published a white paper with more details. The software is currently an alpha release.