Jump to content
Posted 15 January 2011 - 04:28 PM
Posted 15 January 2011 - 06:57 PM
Posted 16 January 2011 - 01:49 AM
Posted 16 January 2011 - 04:55 PM
When you have a program running that you have downloaded/streamed (or whatever) from spoon.net there is a process running that is called something like spoon-sandbox or something like that. So that would be their fake version of Windows? -- wouldn't that process then have to be gigantic?
it patches all the calls to the OS and runs the OS in a sandbox while it runs at a higher privilege level.
Posted 16 January 2011 - 06:08 PM
Posted 16 January 2011 - 08:44 PM
Posted 16 January 2011 - 08:52 PM
Posted 16 January 2011 - 09:58 PM
Spoon.net likely has instances running on a cloud then using proprietary graphics drivers intercept and encode the low level UI command and send then to their clients aka like Remote Desktop.
the client has a video interpretation of the application on their local machine. Each application user has their own application state stored on the server. It's like remote desktop, except without the desktop. The application windows are remotely projected to the client.
Posted 16 January 2011 - 10:43 PM
Posted 17 January 2011 - 03:04 AM
Posted 17 January 2011 - 03:21 AM
Posted 19 January 2011 - 01:53 AM
I've read further on their tech on their dev site. It does what I've said but also allows you to run those virtualized bundled app locally as well (maybe that's what your running, however i would be weary of anything which downloads and runs arbitrary executables no matter how secure they think it is). They are using the same techniques all virtualziation software is using, use the virtualized instruction set, run the sandbox client program in a host program, hook the calls to low level devices and services to make the exe thinks its running on clean native windows install (they do this so they don't have to buy a license of windows for each instance?) etc.. with an added boost they decouple the UI from the executable core so its easy to do remote execution, ie their intranet /internet deploy schemes, upload to their cloud etc... All the calls to windows and runtime libraries can be hooked and overridden to make the app thinks its running inside windows but in reality its running inside a sandbox.. Probably analyze the exe and patch up the system calls to their on Spoon OS as they call it..
Posted 31 January 2011 - 06:02 PM
I was fooling around with spoon.net today and am trying to figure out how they are doing what they are doing.
Reading some old discussions of their previous product xenocode virtualization -- which, I think, is what the newer spoon.net site is on top of -- it seems like they are running actual windows executables in a sand box but changing the runtime environment such that some call that is supposed to, say, modify the registry will just modify the sand box version of the registry, etc. What I don't understand is how this could be done. Are they hooking the win32 API or is there some more clever way?