Wednesday, September 29, 2004
An End to Computer Viruses and Spyware?
Dru Nelson has written an essay that posits that an end to computer viruses and spyware is near. It's an interesting read. Dru believes that two fundamental changes can make this happen: 1. Hardware and OS-level integrity enforcement (e.g. page-level execute permission bits) and 2. All code that is run on a system is signed.
The execute permission stuff is interesting. For Win32, this takes advantage of the No-Execute (NX) feature of AMD64 processors. As long as the OS itself implements the page execute bits properly, this should substantially reduce code injection exploits.
I'm more skeptical of signed code. There are a number of issues:
The execute permission stuff is interesting. For Win32, this takes advantage of the No-Execute (NX) feature of AMD64 processors. As long as the OS itself implements the page execute bits properly, this should substantially reduce code injection exploits.
I'm more skeptical of signed code. There are a number of issues:
- Certificate authorities are businesses. Their main interest is taking your money for generating certs. Can you really trust who is behind the certs that they issue? For example, a few years ago VeriSign issued two certificates to someone posing as a Microsoft employee.
- The average user doesn't understand the implications of security trust alerts (e.g. "Do you want to trust John Doe Software or not?"). And even if they did, human nature being what it is, users quickly get used to clicking "Yes". The case where they shouldn't trust signed code will be missed.
- If adequately trusted certs are expensive or onerous to acquire then small vendors, freeware, shareware, etc. will dry up.
- What do we do with all of the useful unsigned code that exists today? In many cases, it's impractical to retroactively sign the code. Disallowing unsigned code to run is likewise impractical. And once you let some untrusted code run, how do you avoid exploits?
RSS 0.92 Feed