Thursday, February 16, 2006

A real security model, spotted in the wild!

Jeff Atwood of Coding Horror hits the jackpot:

Too many scary vulnerabilities in crusty old IE6? You can't stop clicking on dancing bunnies? Just run your OS session in a virtual machine. At the end of every session, you blow it away. No spyware or virus is virulent enough to escape a VM. If you want to log in again, you tear off a new VM and start fresh. It's like formatting your hard drive every time you turn off your PC. And this doesn't have to be done at the OS level to be beneficial, either; why not selectively launch apps in their own private VMs?

This is what we're going to have to do for everything. Why trust code, when you can just run it in a sandbox?

It's great to see something I've been trying to communicate layed out in such a straight forward manner... I strongly suggest you read the whole thing.

No comments: