feeds | grep links > Canadian Copyright Reform Flawed but Fixable, Qube OS to Include Disposable VMs, Electronic-Biological Transistors, and MD Prohibits Recording Police at Work

  • Latest Canadian copyright reform effort flawed but fixable
    Professor Geist has a good analysis of the draft that was just put forward. The biggest flaw is the insistence on anti-circumvention and DRM. Otherwise, many of the other compromises are reasonable even of fair dealings is not all some had hoped for, still falling short of US fair use.
  • Virtualization based OS to implement disposal VMs
    ZDNet has some more details on Rutkowska’s Qube OS. I wrote about her latest efforts a couple of months ago. The new detail is that not only can applications be spun up in separate, transparent virtual compartments but those VMs can in turn be disposable, decreasing the chance of any security risk from them lingering after an application is done.
  • Nanoscale electronic-biological transistor
    Slashdot links to a bit of research that sounds like something out of early cyberpunk. The practical reality is that the interface would be most useful for medial applications, not computing. The transistor would allow feedback inside and outside of the cell, for instance help regulating delivery of drugs at the smallest scale.
  • Maryland one of twelve states banning recording police officers
    I saw this via @joabj on Identi.ca. It is a variation of the legal reasoning I’ve seen in other cases where cops have actually pressed suit against citizens who made video recordings of them on the job. We clearly need a better solution to enable freedom of speech and video as self defense than allowing this interpretation of wiretapping laws to go unchecked.

Secure, Virtual Machine Based OS

Computer World UK has a curious article about the latest research from Joanna Rutkowska. She is best known for her security work around virtual machines including the Blue Pill rootkit that uses virtualization to trap an entire OS.

QubeOS is an operating system she developed based on her earlier research. It is not surprising to read how it uses a bunch of VMs to compartmentalize applications. The decision of what application runs where seems to be along functional and resource lines. The article mentions network and storage VMs, for instance. What this alpha software appears to do is provide a unified GUI so that the user doesn’t need to know where applications actually run.

Separating applications this way means that a bit of malware or an attack has a tougher time accessing anything not in its VM compartment. This is similar to a common idea among some security folks, of using separate browsers for sensitive and non-sensitive tasks. QubeOS takes that to its logical conclusion.

The hypervisor she chose is Xen which is one of the faster ones owing to better integration with the host OS. Linux, NetBSD and Solaris can run as the bottom layer in Xen’s architecture. For simplicity’s sake, she chose to use Linux for the host and in the various secure compartments for QubeOS but if the practical approach proves feasible, then any guest OS Xen supports should work. Xen is also apparently easier to audit for security purposes owing to its simplicity, especially compared to other hypervisor options.

She has published a white paper with more details. The software is currently an alpha release.