North American Network Operators Group


Re: Creating a crystal clear and pure Internet

  • From: Valdis . Kletnieks
  • Date: Tue Nov 27 10:29:54 2007

On Tue, 27 Nov 2007 10:03:55 EST, Jared Mauch said:

> 	Within the next 2 major software releases (Microsoft OS) they're
> going to by default require signed binaries.  This will be the only viable
> solution to the malware threat.  Other operating systems may follow.
> (This was a WAG, based on gut feeling).
> 
> 	This has some interesting implications and would require Microsoft
> to be a bit more small-app friendly, and there'd be a knob to twiddle if
> you're a developer and don't want to check signatures, but it's one of the
> few ways to resolve the issues IMHO, and cut down on the infections.  So what
> if I own you via your browser, unless the malware I push to your host is
> signed, it's not gonna run.  Game [closer to] over.

The problem with "active content" is that an exploit will quite happily
run in the security context of the browser - and way too many sites insist
on either/both Flash and JavaScript.  Ever notice that there have been far fewer
pure Java based problems?  That's because it started off with a semi-sane
security model.  Flash and JavaScript didn't.

And you can't allow the browser to create executables, obviously.  Unfortunately,
that *also* means that you can't allow the user to use the browser to download
patches, updates, and new software....

(Well - it's at least theoretically *doable* in the right Trusted Computing
type of scenario, but I doubt we're going to get users to buy into it...)
