Re: Virus free desktop

From: Alan <alan ufies org>
To: gnome-list gnome org
Subject: Re: Virus free desktop
Date: Tue Nov 18 19:23:01 2003

On Tue, Nov 18, 2003 at 05:39:04PM -0500, Stuart D. Gathman wrote:
> On Tue, 18 Nov 2003, Alan wrote:
> 
> > Running programs in a sandbox or letting the OS decide what is or is not
> > a virus would require some sort of database for the os to look up a
> > binary fingerprint, or do some sort of heuristic check to see what the
> > app or docuement is doing, and if it's allowed.  It would have to know
> > that ssh starting up is different than a user (or root) executed program
> > that opens up a port that allows incoming connections.
> 
> A central database of binary footprints is not the way to go.  
> Microsoft tried something like this with Authenticode.  The
> local database of footprints should only be used to enforce
> policy decisions made by the user (e.g. "let this app open 
> an IRC port").

There also needs to be a compromise so that the user isn't prompted for
everything.  I have heard of people getting sick of zonealarm prompting
them for every hit that they either just allow or deny everything, just
to get the program to shut up.  Haven't use it myself though.

alan

-- 
Alan <alan ufies org> - http://arcterex.net
--------------------------------------------------------------------
"There are only 3 real sports: bull-fighting, car racing and mountain 
climbing. All the others are mere games."                -- Hemingway

References:
- Re: Virus free desktop
  - From: Alan
- Re: Virus free desktop
  - From: Stuart D. Gathman

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]