Monday, February 09, 2004

Something else to worry about #8

[See previous]

The Virus Underground

From the article: Now any 14 year old can generate an email virus... Just what we need.

What's interesting about this story is what it tells us about our operating systems -- the operating systems that are now so important to our business and personal lives. These operating systems are still so ignorant that they allow any random program to format a hard disk. I cannot think of a reason why you would want a user application (as opposed to a trusted OS application) to have the ability to format a drive.

It would also seem like a lot of these problems could be solved with "authenticated applications" -- applications are not allowed to run unless they come from a trusted source, are signed with a certificate from a trusted source, and are willfully installed by a human being. Why would you want your computer running random, untrusted executables that you have not intentionally installed? Trojan horses have been around for 20 or 30 years -- why haven't these holes been closed?

In related news, this story is fascinating: Stripped-Down MyDoom Hits Microsoft.... Again. The original MyDoom.A virus created something on the order of a million zombie machines. The MyDoom.C virus is exploiting all of those zombies to mount a new denial of service attack on Microsoft.

This problem could also be solved by authenticated applications. There is no reason why anyone would want a random zombie application from an unknown source installing itself without permission and running in the background. The OS should protect against that.

Comments: Post a Comment

<< Home
ARCHIVES © Copyright 2003-2005 by Marshall Brain


This page is powered by Blogger. Isn't yours?