Research Preparation Exam:  Alan Dunn

Title: Eternal Sunshine of the Spotless Machine: Protecting Privacy with Ephemeral Channels
Date: December 5, 2012
Time: 10 am
Place: ACES 6.116

Commitee Members:
Emmett Witchel (chair)
Vitaly Shmatikov
Warren A. Hunt, Jr.


Modern systems keep long memories.  As we show in this work, an
adversary who gains access to a Linux system, even one that implements
secure deallocation, can recover the contents of applications’
windows, audio buffers, and data remaining in device drivers-long
after the applications have terminated.

We design and implement Lacuna, a system that allows users to run
programs in “private sessions.” After the session is over, all
memories of its execution are erased.  The key abstraction in Lacuna
is an ephemeral channel, which allows the protected program to talk to
peripheral devices while making it possible to delete the memories of
this communication from the host.  Lacuna can run unmodified
applications that use graphics, sound, USB input devices, and the
network, with only 20 percentage points of additional CPU utilization.