Tuesday, May 19, 2009

Why virus scanners are doomed to fail

Intent is very important, for example... spam is email with an intention to push a product. Malware and trojan horses are similar in intent, but even more malicious. 

The user of a computer can not tell what the intent of the author is... thus it's necessary to provide a mechanism for limiting the scope and actions of that program, in an effort to help with that judgement.

The current group of operating systems do not provide a way to limit the scope and environment of a program prior to its execution, to the ordinary user. 

Virus scanners all assume that programs can be examined and found not to be of ill intent merely by checking them against some arbitrary lists. This can be seen to be a losing battle when viewed from this perspective.

No comments: