Back to Resources


Posted September 27, 2011

Security Through Purity — Bypassing the Red Queen


As a cloud service, Sauce Labs uses quite a few virtual machines to run our browsers. With Windows images taking about 15 minutes to boot in EC2 and other cloud providers, the most efficient way to use these resources is to cleanup between customers and reuse. Unfortunately, reusing VMs paves a path for malicious users to install software that will continue to run while other customers use them. This means sensitive data could be captured and sent to a 3rd party or, even worse, a 3rd party could gain access to a customer's internal network if they are testing with a tunneling service.[1. Did you know you can use Sauce Labs to test your internal network? Check out Sauce Connect for secure way to use our cloud service to test your internal infrastructure. It's been vetted by a well-known financial institution, a well-known domestic airline, and a variety of other high-profile customers.] How can a VM be protected from malicious software installation? There are a variety of tools one can use to lock down Windows. The tools provided by Windows itself are the Software Restriction Policy and AppLocker technologies. And a cursory Google search will reveal current dll load hijacking methods for getting around them. The reality is it's a Red Queen race between securing a system and finding a new exploit — "It takes all the running you can do, to keep in the same place." For all intents and purposes, it's like submitting your laptop to a hacking contest. Is there anything you could do to feel comfortable using it again?

Like Joshua learned, "the only winning move is not to play," and that's how we roll at Sauce Labs. Every single session, whether you're running manual or OnDemand, gets a fresh VM that's never been used by anyone else.[3. In this way, Sauce Labs has lunched nearly 1.3 million VMs in the last 30 days.] At the end of your session — whether it's 10 minutes or 10 seconds — the VM (with all its data) is completely destroyed. By avoiding the unsolvable problem of guaranteeing a system secure across anonymous use, we instead guarantee a system that has never and will never be used by any customer besides you.[2. Since we give you a fresh VM in under 20 seconds, a 15 minute boot time would require us to keep a lot of expensive, idle resources around to handle demand spikes. That's why we developed a cloud technology which allows us to cold boot VMs in under 40 seconds. Aside from meaning demand spikes are handled with minimal delay, this also means there is no additional expense for providing the best security.] A desirable side-effect of the Security Through Purity model is increased reliability. By always using pristine VMs for every session, every session is run with the same settings. This avoids intermittent failures that arise from the OS being in a state dependent on what the previous users did. At Sauce Labs core is the ability to offer secure, remote browsers for interactive, mobile, JS, and Selenium testing to our customers. Our attention to security provides confidence you can test any part of your external or internal services without having to build and manage your own browser testing infrastructure.

Sep 27, 2011
Share this post
Copy Share Link
© 2023 Sauce Labs Inc., all rights reserved. SAUCE and SAUCE LABS are registered trademarks owned by Sauce Labs Inc. in the United States, EU, and may be registered in other jurisdictions.