Scaling down insecure desktop operating systems to virtualized desktop environments
Talk covers how virtualization can be used for isolated execution of insecure systems restricting them to the role of desktop environment with partial delegation of functionality (user management, networking, damage protection, etc.) to the host system. Related implementations and their attempts are reviewed, including Qube OS and Bedrock Linux. Modern VirtualBox and Qemu capabilities to transparently isolate graphical sessions are compared.A technology is described to turn independent OS into Linux-based desktop environment with some functionality invisibly served by host. An implementation details are reviewed on example of turning Microsoft Windows into virtualized Linux graphical session with preserved illusion of its normal user access management and network operation.
Associate Professor of Computer and Systems
Brest State Technical University
Associated professor at Computers & Systems dept. in Brest State Technical University. Belarussian GNU/Linux & free/libre software evangelist. Co-organizer of LVEE, the main open source conference in Belarus since the year 2006.