Re: Creating a crystal clear and pure Internet

[Valdis.Kletnieks () vt edu]

On Tue, 27 Nov 2007 10:03:55 EST, Jared Mauch said:

>       Within the next 2 major software releases (Microsoft OS) they're
> going to by default require signed binaries.  This will be the only viable
> solution to the malware threat.  Other operating systems may follow.
> (This was a WAG, based on gut feeling).
>
>       This has some interesting implications and would require Microsoft
> to be a bit more small-app friendly, and there'd be a knob to twiddle if
> you're a developer and don't want to check signatures, but it's one of the
> few ways to resolve the issues IMHO, and cut down on the infections.  So what
> if I own you via your browser, unless the malware i push to your host is
> signed, it's not gonna run.  Game [closer to] over.

The problem with "active content" is that an exploit will quite happily
run in the security context of the browser - and way too many sites insist
on either/both Flash and Javascript.  Ever notice that there's been far fewer
pure Java based problems?  That's because it started off with a semi-sane
security model.  Flash and Javascript didn't.

And you can't allow the browser to create executables, obviously.  Unfortunately,
that *also* means that you can't allow the user to use the browser to download
patches, updates, and new software....

(Well - it's at least theoretically *doable* in the right Trusted Computing
type of scenario, but I doubt we're going to get users to buy into it...)

Attachment: _bin
Description: