I wonder if there are a million ways to tweak the Windows O/S kernel,
so that it still works (if it did before), but that, the tweaking in
effect makes it seem like there a million different classes of machine
out there.
A lot fewer machines of a particular class for malware writers to be
tooooo interested in.
Posted in this group, since Roedy frequents this group.
--
Regards,
Casey
>It seems to be the widespread use of a computer (O/S), that makes it a
>target for malware writers.
>
>I wonder if there are a million ways to tweak the Windows O/S kernel,
>so that it still works (if it did before), but that, the tweaking in
>effect makes it seem like there a million different classes of machine
>out there.
>
>A lot fewer machines of a particular class for malware writers to be
>tooooo interested in.
I have puzzled why there are so many "security updates". Just how
many places does an OS expose itself?
Perhaps what is needed is an OS written from scratch with security as
paramount. The key would be reducing the number of places an OS
exposes to critical data and keeping each app in its own airtight box
where it can only harm itself. I also want isolate device drivers in
firmware running their own CPUs so bugs in drivers can't compromise
the OS.
It might be wise to not let any coder under 45 years old near writing
or maintaining the security code.
A Roman emperor PRESUMED everyone was out to get him, and organised
accordingly. OSes blithely presume there are no bugs in gigabytes of
code. An OS has to work even when there are bugs. It has to be
constantly cross-checking itself.
--
Roedy Green Canadian Mind Products
http://mindprod.com
When you are programming and you feel paralysis from overwhelm:
(o) Write down your worries in an electronic todo list, so you can temporarily stop thinking about them.
(o) Write smaller modules and classes so you don�t need to juggle many facts to complete the code.
(o) Do some necessary, but simple, clerical task.
(o) Solve some simple problem with at least some probability of being useful in the big solution. It will break the logjam.
~ Roedy
--
Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>
What does this have to do with Java?
> I wonder if there are a million ways to tweak the Windows O/S kernel,
> so that it still works (if it did before), but that, the tweaking in
> effect makes it seem like there a million different classes of machine
> out there.
>
> A lot fewer machines of a particular class for malware writers to be
> tooooo interested in.
>
> Posted in this group, since Roedy frequents this group.
That is bizarre reasoning. The reason to post to comp.lang.java.advocacy
should be because the topic of your post relates to Java advocacy. If you
want to send a message to Roedy, send him an email.
--
Lew
> On Mon, 28 Sep 2009 09:44:22 -0700, Casey Hawthorne
> <caseyhHA...@istar.ca> wrote, quoted or indirectly quoted
> someone who said :
>
> >It seems to be the widespread use of a computer (O/S), that makes it a
> >target for malware writers.
>
> I have puzzled why there are so many "security updates". Just how
> many places does an OS expose itself?
>
As many as the user lets it ;)
> Perhaps what is needed is an OS written from scratch with security as
> paramount. The key would be reducing the number of places an OS
> exposes to critical data and keeping each app in its own airtight box
> where it can only harm itself. I also want isolate device drivers in
> firmware running their own CPUs so bugs in drivers can't compromise
> the OS.
>
OpenBSD? <http://www.openbsd.org/> They win purely for having a TRON
themed mascot right now.
It's important to differentiate between a desktop user and a server
admin. It should be standard for a desktop user to have a router, so
that the connection to the internet has a minimum of security, and may
be easier to configure. Most I reckon only use modems with zero
security, and the Windows firewall is not very good (if they set it up
at all, it's so naggy I'm guessing most just will click allow
everything/forever and be done with it).
> A Roman emperor PRESUMED everyone was out to get him, and organised
> accordingly. OSes blithely presume there are no bugs in gigabytes of
> code. An OS has to work even when there are bugs. It has to be
> constantly cross-checking itself.
>
Sounds like A.I., of course it would be awesome if a computer could tell
you that someone did something unnice. That would require it to be self
aware too.
>Sounds like A.I., of course it would be awesome if a computer could tell
>you that someone did something unnice. That would require it to be self
>aware too.
I was thinking along the lines of some redundancy, but not AI. The OS
is built of black boxes. You have independent teams implement each
black box three times. The black boxes challenge each other, and
monitor the three implementations for consistency. If anything
detects trouble it triggers an "inquisition" that normally results in
one black box being disabled, and messages sent back to the
implementors. Pay of the implementation teams is based on NOT having
your modules decommissioned, relative performance to the other
implementors of a black box.
>Malware is just a flavor of malware.
I think you meant to say something more profound.
This could probably be scaled down to component level with similar
results. The protocol was design to allow minimal overhead in a
"everyone agrees" situation.
"Malware is just a flavor of general software." is what I intended.