Monday, May 18, 2009

Expressing limits - can't be done yet


If someone came to you with a program that you knew might be evil... how would you tell the operating system that you wish to run it with only the following access:

  C:\danger
  No internet or other access?

You can't... your power to express this is non-existent. This forces you to trust each and every piece of code you run not to make system-wide changes... which is just plain stupid.

Virus scanners check the code against a list before running it... this list is never perfect, and there is a delay in adding new entries...

Thus security on a PC is not perfect. This will not change until there is a way to express the limits on a program prior to (and during) its execution.

Operating systems came about as a means to share resources safely... they aren't done doing that job yet.
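
The limits asked for above (only C:\danger, no network, nothing else), written out as an added sketch that is not part of the original post: a policy object and the allow/deny decision a monitor would make for each request. The names `Limits`, `file_allowed` and `decide` are hypothetical, the requests are constructed, and the code models the decision only; it enforces nothing in the operating system.

```python
import ntpath  # Windows path rules, usable on any OS
from dataclasses import dataclass

@dataclass(frozen=True)
class Limits:
    """Hypothetical declaration of everything a program may touch."""
    allowed_dirs: tuple          # directories it may read and write
    allow_network: bool = False  # "No internet or other access"

def _canon(path):
    # Lexical canonical form: collapse "." and "..", unify slashes, fold case.
    # It does not resolve junctions, symlinks or 8.3 short names; an enforcing
    # monitor has to check the object actually opened, not just the string.
    return ntpath.normcase(ntpath.normpath(path))

def file_allowed(limits, path):
    if not ntpath.isabs(path):
        return False  # relative paths depend on a working directory: refuse
    target = _canon(path)
    for d in limits.allowed_dirs:
        root = _canon(d).rstrip("\\")
        # The separator stops C:\dangerous from matching C:\danger.
        if target == root or target.startswith(root + "\\"):
            return True
    return False

def decide(limits, kind, target):
    """Default deny: whatever is not explicitly granted is refused."""
    if kind == "file":
        return file_allowed(limits, target)
    if kind == "net":
        return limits.allow_network
    return False  # registry, devices, other processes: the "other access"

DANGER_ONLY = Limits(allowed_dirs=("C:\\danger",))

# Constructed requests, as the untrusted program might issue them.
REQUESTS = [
    ("file", "C:\\danger\\report.txt"),
    ("file", "c:/DANGER/sub/file.txt"),
    ("file", "C:\\danger\\..\\Windows\\system32\\drivers\\etc\\hosts"),
    ("file", "C:\\dangerous\\x.txt"),
    ("net", "example.com:443"),
    ("registry", "HKLM\\Software"),
]

if __name__ == "__main__":
    for kind, target in REQUESTS:
        verdict = "ALLOW" if decide(DANGER_ONLY, kind, target) else "DENY "
        print(verdict, kind, target)
```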
