James Forshaw

Security Researcher at Google Project Zero (UK)

Paper Title

The Windows Sandbox Paradox

Abstract

More and more user applications are relying on sandboxes to limit the damage an RCE vulnerability can inflict. It started with web browsers, such as Internet Explorer's Protected Mode, and now covers many different applications. Unfortunately, the Windows operating system isn't well matched to providing secure sandboxing. Through a combination of missing features, poor documentation and unexpected behaviour, writing a secure sandbox on Windows seems an impossible task. Even built-in technologies such as Windows 8 AppContainers have unusual behaviour that catches out even Microsoft.

This presentation details some of the ways Windows actively hamstrings sandbox development. It also includes some interesting bugs in sandboxed applications such as Chrome, IE and Adobe Reader which directly result from these problems with the OS. Attendees should get a better understanding of some of the issues with Windows sandboxes so that they might be able to better audit sandboxes in the future.

Speaker Bio

James is a security researcher in Google's Project Zero. He has been involved with computer hardware and software security for over 10 years, looking at a range of different platforms and applications. With a great interest in logical vulnerabilities, he has numerous disclosures in a wide range of products, from web browsers to virtual machine breakouts, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.

Copyright © 2023 | Nullcon India | International Security Conference | All Rights Reserved