WEBVTT

00:00.750 --> 00:07.200
Now in this lecture, I want to show you how to use cubes to carry out two important tasks that you're

00:07.200 --> 00:09.680
used to use on other operating systems.

00:09.690 --> 00:16.440
And as I do this again, the idea of the separation and the different domains and virtual machines will

00:16.440 --> 00:17.970
become even clearer.

00:18.300 --> 00:23.630
So right now I have an instance of a file manager in my personal domain.

00:23.640 --> 00:30.390
And on the left here I have an instance of the file manager in my work domain, in my work virtual machine.

00:30.390 --> 00:33.780
Again, as you can see, it's in blue and it says work at the start.

00:34.380 --> 00:40.200
So as I showed you in the previous lecture, when we download something in my personal virtual machine

00:40.200 --> 00:46.680
here, the image, it doesn't exist in my downloads directory in here because like we said, these are

00:46.680 --> 00:50.220
two separate virtual machines using two separate file systems.

00:50.220 --> 00:53.910
Therefore they're completely separate and they do not share anything.

00:54.570 --> 00:57.090
Now what I want to show you is copy pasting.

00:57.090 --> 01:03.030
So let's say I wanted to copy this file, I can right click copy or you can do control, see just like

01:03.030 --> 01:04.560
any other operating system.

01:04.560 --> 01:10.950
And then because this is a picture, we can go to my pictures in here and just do control V or right

01:10.950 --> 01:13.320
click paste and we will have the picture.

01:13.320 --> 01:16.350
So this is perfectly fine, it's perfectly normal.

01:16.560 --> 01:24.300
But if I do this again, so let's do right click copy and let's say I want to put it in my downloads,

01:24.300 --> 01:27.540
in my work file system, in my work domain.

01:28.050 --> 01:32.370
If I do right click in here, you'll see that the paste is grayed out.

01:32.370 --> 01:37.650
I cannot paste and if I do control V, you'll see that nothing will happen.

01:37.650 --> 01:44.490
And the reason for this is, again, it goes back to the whole idea of the separation of the different

01:44.490 --> 01:48.120
domains, which are completely separate virtual machines.

01:48.120 --> 01:52.170
So you can think of them as if they are two different computers.

01:52.170 --> 01:58.200
Therefore, what we did right now, it's as if you go to a computer, you right click and a copy image,

01:58.200 --> 02:03.840
and then you go to a completely different computer to another laptop, and then you're trying to paste

02:03.840 --> 02:05.670
that image in that laptop.

02:05.700 --> 02:09.720
Obviously that's not going to work because these are two separate computers.

02:09.720 --> 02:12.060
They use two different storage devices.

02:12.060 --> 02:18.090
Therefore, the the second computer is not even aware that you actually copied something.

02:19.150 --> 02:27.100
Now because these two computers or to these two domains are running within cubes within one hypervisor,

02:27.340 --> 02:29.780
we can actually copy and paste between them.

02:29.800 --> 02:31.810
It's just slightly different.

02:32.080 --> 02:37.360
So if you want to copy something within the same virtual machine or within the same domain, it's fine.

02:37.370 --> 02:43.780
You can right click and copy, but if you want it to copy between two different domains or virtual machines,

02:43.780 --> 02:45.850
you'll have to right click this.

02:45.850 --> 02:51.370
And instead of clicking on copy, we're going to click to copy to other AB VM.

02:52.450 --> 02:59.230
Clicking on this will show us a window that will ask us which VM or which domain we want to copy this

02:59.230 --> 03:00.160
file to.

03:00.490 --> 03:04.390
Now we want to copy this to our work VM to our work domain.

03:04.390 --> 03:11.320
So I'm going to type work and I'm going to click on OCH now you'll see that this will not appear in

03:11.320 --> 03:12.010
here.

03:12.010 --> 03:19.620
But if we go to the home directory, you'll see we have a new directory in here called Cubes in Common.

03:19.630 --> 03:26.790
And this is where you will see all the files that you copy from other domains or other virtual machines.

03:26.800 --> 03:30.910
So if we double click this, you'll see we have a directory called personal.

03:30.940 --> 03:35.950
If you copied stuff from another domain, for example, if you copied it from the untrusted, you'll

03:35.950 --> 03:37.900
have a directory called untrusted.

03:38.290 --> 03:42.640
So inside the personal directory you'll see we have the image that we wanted.

03:42.640 --> 03:45.460
If we double click it, you'll see that the image is fine.

03:45.460 --> 03:46.720
This is the actual image.

03:46.720 --> 03:54.400
It did not get corrupted and you can now right click it and copy it and paste it to anywhere you want

03:54.400 --> 03:58.000
within this operating system, within the work domain.

03:59.240 --> 04:04.850
So this is how to copy files within a domain or between two different domains.

04:04.880 --> 04:07.310
Now, what about copying text?

04:07.640 --> 04:09.920
So let's just type something simple.

04:09.920 --> 04:15.530
I'm just going to click on the search in here, just so that I have a text box that I can type in and

04:15.530 --> 04:16.580
I'm just going to type.

04:16.580 --> 04:19.310
This is some text to copy.

04:20.310 --> 04:26.160
Now, if you want to copy this text within the same operating system, again, it's exactly the same

04:26.160 --> 04:27.990
as any other operating system.

04:27.990 --> 04:30.450
You select all the text that you want to copy.

04:30.450 --> 04:34.860
You can do right click copy or control C from your keyboard.

04:35.100 --> 04:41.820
And then if we remove this and then open the search bar again and do control v, this will paste it

04:41.820 --> 04:42.990
in here for me.

04:43.170 --> 04:48.480
So identical behavior to any other operating system that you're used to.

04:49.050 --> 04:55.950
Again, the tricky part is trying to copy this text from one domain, from one virtual machine to another

04:55.950 --> 05:00.360
domain, because this domain right here is a completely separate computer.

05:00.390 --> 05:03.720
It doesn't even know that you copied this text.

05:04.200 --> 05:08.580
So to get around this, you'll have to first select the whole text.

05:08.610 --> 05:12.480
You'll have to do control C or right click copy to copy it.

05:12.690 --> 05:18.600
And then we're going to do Control Shift C doing this.

05:18.600 --> 05:22.920
We'll copy the text into the global clipboard.

05:23.430 --> 05:31.020
So right now the text that I just copied is available for all operating systems, for all domains to

05:31.020 --> 05:31.740
capture.

05:32.100 --> 05:39.090
And if you go here to our clipboard, you can see that we have 25 bytes of data are copied from the

05:39.090 --> 05:40.380
personal domain.

05:40.920 --> 05:48.180
Now, if we want to paste this in here in my work domain before we can do control V, which is the shortcut

05:48.180 --> 05:54.870
for pasting, you have to first of all, get the global clipboard, get the text that we copied to the

05:54.870 --> 05:56.160
global clipboard.

05:56.340 --> 06:02.970
To do that you have to do control shift V first and as you can see now is telling us that the global

06:02.970 --> 06:09.690
clipboard has been wiped and it's in my work domain clipboard now, so now I can paste it exactly the

06:09.690 --> 06:12.990
same way that I paste anything else I can just do control.

06:12.990 --> 06:17.070
V And as you can see, we have the text pasted in here.

06:17.580 --> 06:21.660
So this should show you how separated these virtual machines are.

06:21.660 --> 06:27.720
And this is what makes cubes so cool because they are so separated, but they can also communicate with

06:27.720 --> 06:29.760
each other if the user wants to.

06:29.760 --> 06:35.880
But if a hacker gains access to one of these machines, he doesn't have access to the global domain

06:35.880 --> 06:40.140
and therefore they can't move from one domain to the other.

06:40.140 --> 06:46.770
So if one machine gets hacked, it's very difficult for a hacker to go and compromise the other machines.

06:47.810 --> 06:54.860
Now, another task that you will probably be performing a lot is connecting a USB device to your computer,

06:54.860 --> 06:57.740
whether it's a mouse, a camera or a storage device.

06:57.740 --> 07:04.850
When you connect a USB device to cubes, it doesn't get connected to any domain or to any virtual machine,

07:04.850 --> 07:09.380
which is great because it is very hard to trust USB devices.

07:09.380 --> 07:12.560
I actually cover this in my conference in Orlando.

07:12.560 --> 07:19.790
You can weaponize pretty much any USB device, even a USB lamp or a mouse to execute commands on the

07:19.790 --> 07:21.890
computer that it gets connected to.

07:21.890 --> 07:26.600
And this way it will allow a hacker to gain full control over that computer.

07:27.020 --> 07:32.720
I will include a link to that talk if you're interested, but the cool thing here in cubes, when you

07:32.720 --> 07:40.190
connect a USB device, it will not allow that device to register itself as a keyboard first and it won't

07:40.190 --> 07:42.350
connected to a virtual machine.

07:42.350 --> 07:48.920
It will detect the device, but it will wait for you, for the user to select which domain or which

07:48.920 --> 07:51.560
virtual machine you want to connect this to.

07:51.560 --> 07:58.430
And then even if that code get executed, it will only hack into the machine that you connect it to.

07:58.430 --> 08:04.100
And it will be very difficult to move from that machine and compromise the other machines.

08:04.430 --> 08:10.310
You can even connect it to a disposable virtual machine to do untrusted tasks.

08:10.310 --> 08:14.390
And we'll talk about untrusted virtual machines in the next lecture.

08:14.390 --> 08:16.070
So stay tuned for that.

08:17.040 --> 08:23.010
Now, first of all, before I connect my USB device, if you go in here to the top right, you will

08:23.010 --> 08:28.260
see all of the devices connected to the Cube's operating system right now.

08:28.260 --> 08:31.740
And a lot of these right now are built in devices.

08:31.740 --> 08:35.580
In my computer, I haven't really connected much via USB.

08:35.850 --> 08:37.650
So we're going to remember what's in here.

08:37.650 --> 08:44.160
Now, I'm going to close this window and I'm going to connect my storage device.

08:45.210 --> 08:49.620
And as you can see, we get a notification that the device is ready to be used.

08:49.800 --> 08:56.340
But if we look in any of these machines, you'll see that we don't have access to this device.

08:58.540 --> 09:02.860
To connect this device to a virtual machine or to a domain.

09:02.860 --> 09:08.710
We're going to go to the devices in here again and you'll see we have the device in here.

09:08.710 --> 09:12.200
This is the name of the device that came up in the notifications.

09:12.220 --> 09:17.050
It's also the extra device that didn't exist before when we opened the list.

09:17.140 --> 09:22.930
And if we hover over it, you'll see that it's going to list all of the running domains, all of the

09:22.930 --> 09:26.680
running virtual machines that we can connect the device to.

09:26.770 --> 09:31.690
So right now, we only have the personal and the work running the ones that we can actually use.

09:31.690 --> 09:36.440
And let's say I want to connect this to my work virtual machine or to my work domain.

09:36.460 --> 09:42.220
All you have to do is literally just click on this and you'll get a notification telling you that it's

09:42.220 --> 09:46.900
going to connect it to the work domain and give it just a little bit of time.

09:46.900 --> 09:50.050
And then we're going to go to our other locations.

09:50.170 --> 09:56.080
And as you can see, we have it right here, my eight gigabyte volume, we can double click it to access

09:56.080 --> 10:03.610
it and then interact with its files exactly the same way that you would in most other operating systems.

10:03.610 --> 10:08.740
Again, double click to open, right click to get the options, copy and paste like I showed you and

10:08.740 --> 10:09.430
so on.

10:10.500 --> 10:12.180
So that's it for this lecture.

10:12.180 --> 10:16.200
I just wanted to show you some of the tasks that you're going to be using a lot.

10:16.320 --> 10:23.550
And through that, I also wanted to help you understand how these domains are completely separated from

10:23.550 --> 10:30.780
each other and how this separation can make the whole operating system more secure or help us improve

10:30.780 --> 10:31.950
our security.