Vaportrail

Kalan MacRow
October 28, 2014

Transcript

1. In a nutshell: Vaportrail will…
   • Continuously aggregate all of your (meta-)data to one safe place
   • Allow apps to run on top of it without fear that they will steal it

2. How?
   • It connects to the services you use and pulls your data out using their APIs
   • Third-party apps run in a secure JavaScript sandbox in your browser [1]
   [1] No extensions required; apps can also be migrated to the server as background tasks

3. Why?
   • In short: life hacking, and fun!
   • We produce lots of useful content and metadata, but it’s very personal
   • What if we had a safe platform to leverage that data?

4. GPS

5. Related
   • What about related things that already do this? E.g. IF-THIS-THEN-THAT?
   • All of them are SaaS products: close, no cigar.
   • Where is your data stored, who has access, etc., etc., …?

6. Vaportrail
   • github.com/kmacrow/vaportrail2
   • Deploy it anywhere you want: AWS, Rackspace, Azure
   • Try it out on vaportrailapp.com (invite only)

7. FuelBuddy
   “Kalan, you’ve spent $162.49 on fuel this month but have only travelled 380km! Consider adjusting your driving style for better fuel economy”

8. FuelBuddy
   “Kalan, you’ve spent $162.49 on fuel this month but have only travelled 380km! Consider adjusting your driving style for better fuel economy”
   Efficiency and optimization apps

9. Calendar
   “Kalan, you’ve posted updates to social media during every engagement this week. Consider paying more attention in your meetings”

10. Calendar
   “Kalan, you’ve posted updates to social media during every engagement this week. Consider paying more attention in your meetings”
   Lifestyle and personal achievement apps

11. “Kalan, you’ve posted some suspicious-looking tweets in the past 24 hrs. Your account may have been compromised.” [View details]

12. “Kalan, you’ve posted some suspicious-looking tweets in the past 24 hrs. Your account may have been compromised.” [View details]
   Fraud detection and watchdog apps

13. VRE (Vaportrail Runtime Environment)
   • VRE provides the isolation necessary to prevent apps from exfiltrating your data
   • It is a standard JavaScript environment with a Vaportrail API baked in
   • Multiple instances of the VRE can run in a single browser tab, each in a dedicated Worker

14. VRE (Vaportrail Runtime Environment)
   • App code runs in a separate JavaScript context from the VRE
   • Neither the DOM nor the browser API is directly exposed to app code
   • App code manipulates the DOM through a managed interface provided by a monitor

15. VRE (Vaportrail Runtime Environment)
   • App code is executed in a separate JavaScript runtime managed by Vaportrail, not the browser
   • Apps interact with the DOM via refs to proxy objects which RPC to instances in the main tab
   • Could expose a full DOM to apps, but it’s complex

16. VRE (Vaportrail Runtime Environment)
   • Why invent a new isolation mechanism? What about Treehouse and friends?
   • Running untrusted code in the same context as the isolation mechanism is risky…
   • DOM and browser API are a very complex interface to interpose on reliably: ill-defined, many implementations, often just plain weird

17. VRE (Vaportrail Runtime Environment)
   • Garbage collecting disused objects remains a challenge
   • For now, can rely on explicit release mechanism
   • Or just let the browser explode

18. VRE (Vaportrail Runtime Environment)
   • Security model is similar to typical virtualization
   • Attack vectors include the VTK and the monitor
   • E.g.: find a way to execute arbitrary code in the monitor context by:
     ✦ tricking the VTK, or
     ✦ constructing code that tricks the JavaScript runtime

19. Apps
   • Use the VTK API to query data sources, draw UI and save state
   • VTK is injected into the runtime so it appears “native” to apps — just like document in browser JS
   • Network is limited to fetching predefined URLs after explicit user approval (e.g. gas prices database)

20. Ecosystem
   • An app is a .zip containing a manifest + code
   • Can be published to the Vaportrail app hub
   • Can be shared as a single file
   • No real need to vet or analyze the apps because they can’t steal your data, just annoy you or not work

21. Trust: Who and what do you need to trust?
   • The Vaportrail platform code
   • To some extent the IaaS where you deploy it
   • Not the apps or app authors
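
The monitor/proxy design from the VRE slides (13 to 17), as an added example that is not Vaportrail's own code: a monitor in the main tab keeps the real objects in a ref table and dispatches only allow-listed methods, while the app side holds Proxy handles that turn method calls into RPC messages, with the explicit release from slide 17. FakeNode, Monitor, makeHandle and the in-process call standing in for the Worker postMessage boundary are all assumptions of this example.

```javascript
// Added example, not Vaportrail's code: the VRE monitor/proxy RPC pattern in miniature.
// The monitor (main tab) owns the real objects in a ref table and dispatches only an
// allow-listed set of methods; app code holds opaque refs wrapped in a Proxy. The Worker
// boundary is simulated with a direct call so the file runs in Node without a browser.
const ALLOWED = new Set(['setText', 'createChild']);
class FakeNode {                     // constructed stand-in for a DOM element
  constructor(tag) { this.tag = tag; this.text = ''; this.children = []; }
  setText(t) { this.text = String(t); }
  createChild(tag) { const c = new FakeNode(tag); this.children.push(c); return c; }
  remove() { this.children = []; }   // exists on the object, deliberately NOT exposed
}
class Monitor {
  constructor(root) { this.refs = new Map([[1, root]]); this.next = 2; }
  // One RPC message: { ref, method, args }; args may carry { ref } handles.
  handle(msg) {
    const target = this.refs.get(msg.ref);
    if (!target || !ALLOWED.has(msg.method)) return { error: 'denied' };
    const args = msg.args.map(a => (a && a.ref !== undefined) ? this.refs.get(a.ref) : a);
    if (args.some(a => a === undefined)) return { error: 'bad ref' };
    const out = target[msg.method](...args);
    // Never leak the object itself across the boundary: register it and return a ref.
    if (out instanceof FakeNode) { const id = this.next++; this.refs.set(id, out); return { ref: id }; }
    return { value: out };
  }
  release(ref) { if (ref !== 1) this.refs.delete(ref); }  // explicit release, cf. slide 17
}
// App side: a Proxy whose method calls become RPC messages; only the ref crosses over.
function makeHandle(monitor, ref) {
  return new Proxy({ ref }, {
    get(t, prop) {
      if (prop === 'ref') return t.ref;
      return (...args) => {
        const wire = args.map(a => (a && a.ref !== undefined) ? { ref: a.ref } : a);
        const res = monitor.handle({ ref: t.ref, method: prop, args: wire });
        if (res.error) throw new Error(res.error);
        return res.ref !== undefined ? makeHandle(monitor, res.ref) : res.value;
      };
    },
  });
}

function demo() {
  const monitor = new Monitor(new FakeNode('div'));
  const root = makeHandle(monitor, 1);
  const p = root.createChild('p');             // a handle, not the FakeNode itself
  p.setText('Kalan, you have spent $162.49 on fuel this month');
  let denied = false;
  try { p.remove(); } catch (e) { denied = e.message === 'denied'; }
  monitor.release(p.ref);
  return { text: monitor.refs.get(1).children[0].text, denied, live: monitor.refs.size };
}
```

The allow-list check runs before any method is looked up on the target, so a method that exists on the real object but is not exported (remove here) is refused the same way as an unknown one.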