Vaportrail

Kalan MacRow
October 28, 2014


Transcript

  1. None
  2. Vaportrail: A platform for personal analytics

  3. In a nutshell: Vaportrail will…
     • Continuously aggregate all of your (meta-)data to one safe place
     • Allow apps to run on top of it without fear that they will steal it
  4. How?
     • It connects to the services you use and pulls your data out using their APIs
     • Third-party apps run in a secure JavaScript sandbox in your browser¹
     ¹ No extensions required, apps can also be migrated to the server as background tasks
  5. Why?
     • In short: life hacking, and fun!
     • We produce lots of useful content and metadata, but it’s very personal
     • What if we had a safe platform to leverage that data?
  6. GPS

  7. Related
     • What about related things that already do this?
     • E.g. IF-THIS-THEN-THAT?
     • All of them are $aa$ products: close, no cigar.
     • Where is your data stored, who has access, etc, etc, …?
  8. Vaportrail
     • github.com/kmacrow/vaportrail2
     • Deploy it anywhere you want: AWS, Rackspace, Azure
     • Try it out on vaportrailapp.com (invite only)
  9. FuelBuddy: “Kalan, you’ve spent $162.49 on fuel this month but have only travelled 380km! Consider adjusting your driving style for better fuel economy”
  10. Efficiency and optimization apps. FuelBuddy: “Kalan, you’ve spent $162.49 on fuel this month but have only travelled 380km! Consider adjusting your driving style for better fuel economy”
  11. Calendar: “Kalan, you’ve posted updates to social media during every engagement this week. Consider paying more attention in your meetings”
  12. Lifestyle and personal achievement apps. Calendar: “Kalan, you’ve posted updates to social media during every engagement this week. Consider paying more attention in your meetings”
  13. “Kalan, you’ve posted some suspicious looking tweets in the past 24hrs. Your account may have been compromised.” (View details)
  14. Fraud detection and watchdog apps. “Kalan, you’ve posted some suspicious looking tweets in the past 24hrs. Your account may have been compromised.” (View details)
  15. Search tweets, statuses, emails and calendars…

  16. Apps that extend and aggregate features. Search tweets, statuses, emails and calendars…
  17. “So, about this ‘secure’ JavaScript sandbox”, you say

  18. “So, about this ‘secure’ JavaScript sandbox”, you say

  19. “So, about this ‘secure’ JavaScript sandbox”, you say. Indeed…

  20. VRE: Vaportrail Runtime Environment
     • VRE provides the isolation necessary to prevent apps from exfiltrating your data
     • It is a standard JavaScript environment with a Vaportrail API baked in
     • Multiple instances of the VRE can run in a single browser tab, each in a dedicated Worker
  21. VRE: Vaportrail Runtime Environment
     • App code runs in a separate JavaScript context from the VRE
     • Neither the DOM nor the browser API is directly exposed to app code
     • App code manipulates the DOM through a managed interface provided by a monitor
  22. VRE: Vaportrail Runtime Environment. Overview of the runtime

  23. VRE: Vaportrail Runtime Environment
     • App code is executed in a separate JavaScript runtime managed by Vaportrail, not the browser
     • Apps interact with the DOM via refs to proxy objects which RPC to instances in the main tab
     • Could expose a full DOM to apps, but it’s complex
  24. VRE: Vaportrail Runtime Environment
     • Why invent a new isolation mechanism? What about Treehouse and friends?
     • Running untrusted code in the same context as the isolation mechanism is risky…
     • DOM and browser API are a very complex interface to interpose on reliably: ill-defined, many implementations, often just plain weird
  25. VRE: Vaportrail Runtime Environment. Managed object proxy detail

  26. VRE: Vaportrail Runtime Environment
     • Garbage collecting disused objects remains a challenge
     • For now, can rely on explicit release mechanism
     • Or just let the browser explode
  27. VRE: Vaportrail Runtime Environment
     • Security model is similar to typical virtualization
     • Attack vectors include the VTK and the monitor
     • E.g.: find a way to execute arbitrary code in the monitor context by:
       ✦ tricking the VTK or
       ✦ constructing code that tricks the JavaScript runtime
  28. Apps
     • Use the VTK API to query data sources, draw UI and save state
     • VTK is injected into the runtime so it appears “native” to apps — just like document in browser JS
     • Network is limited to fetching predefined URLs after explicit user approval (e.g. gas prices database)
  29. Ecosystem
     • An app is a .zip containing a manifest + code
     • Can be published to the Vaportrail app hub
     • Can be shared as a single file
     • No real need to vet or analyze the apps because they can’t steal your data, just annoy you or not work
  30. Backend

  31. Trust: Who and what do you need to trust?
     • The Vaportrail platform code
     • To some extent the IaaS where you deploy it
     • Not the apps or app authors
  32. Coming this Fall…
     • https://vaportrailapp.com
     • kmacrow/vaportrail2
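
The managed object proxy and explicit release mechanism from slides 23 to 26, as an added sketch that is not taken from the Vaportrail code base: the monitor keeps real objects in a handle table, app code holds only integer refs, and each call is checked against an allowlist before it reaches the real object. All class, function and message field names are hypothetical, the DOM is a constructed stand-in, and a synchronous JSON round trip stands in for the asynchronous Worker message channel.

```javascript
// Added sketch, not Vaportrail code: every name below is hypothetical.
// Monitor side (main tab): holds the real objects; app code only sees integer refs.
class Monitor {
  constructor(allowedMethods) {
    this.allowed = new Set(allowedMethods); // methods apps may invoke
    this.handles = new Map();               // ref -> real object
    this.nextRef = 1;
  }
  register(obj) {
    const ref = this.nextRef++;
    this.handles.set(ref, obj);
    return ref;
  }
  dispatch(msg) {
    // Explicit release: the app says it is done with a ref, so the monitor can drop it.
    if (msg.op === 'release') return { ok: this.handles.delete(msg.ref) };
    const target = this.handles.get(msg.ref);
    if (target === undefined) return { error: 'unknown or released ref' };
    if (msg.op !== 'call' || !this.allowed.has(msg.method) ||
        typeof target[msg.method] !== 'function') return { error: 'not permitted' };
    // Only primitives may cross the boundary as arguments.
    if (!Array.isArray(msg.args) || msg.args.some(a => a !== null && typeof a === 'object'))
      return { error: 'bad arguments' };
    const result = target[msg.method](...msg.args);
    // Objects never leave the monitor; the app gets a fresh ref instead.
    return result !== null && typeof result === 'object'
      ? { ref: this.register(result) } : { value: result };
  }
}

// Stand-in for the Worker message channel: a JSON round trip, so only plain data crosses.
const copy = x => JSON.parse(JSON.stringify(x));
const connect = monitor => msg => copy(monitor.dispatch(copy(msg)));

// App side (sandbox): a proxy that turns method calls into RPC messages.
class RemoteRef {
  constructor(send, ref) { this.send = send; this.ref = ref; }
  call(method, ...args) {
    const reply = this.send({ op: 'call', ref: this.ref, method, args });
    if (reply.error) throw new Error(reply.error);
    return 'ref' in reply ? new RemoteRef(this.send, reply.ref) : reply.value;
  }
  release() { return this.send({ op: 'release', ref: this.ref }).ok; }
}

// Constructed stand-in for a DOM document, so the sketch runs outside a browser.
const fakeDocument = () => ({
  createElement: tag => ({ tag, text: '', setText(t) { this.text = String(t); return this.text.length; } }),
});
```

Without a `release()` call the handle table only grows, which is the garbage collection problem slide 26 describes.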