h a l f b a k e r y"It would work, if you can find alternatives to each of the steps involved in this process."
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
When an employee gets a job as janitor. The janitor is limited to perform certain duties. If the janitor is caught opening a safe or looking through the filing cabinets. The janitor will be fired.
When you install software on your computer, it is the same as a company hiring a janitor.
A software should be given a certain jobs to do and restricted to the directory of folder where it is located. Each program should be given a list of jobs to do. The user must give the software permission to do certain jobs. Only way a virus can infect a computer, is when the user gives a virus more security clearance.
In the 1982 movie, "Tron", each program is portrayed as people. The programs talk to each other and have jobs to do. Also, there is hierarchy, in which the highest authority is the "Master Control program". The "Master Control Program" had to answer to the User.
If the company was run like a computer. The janitor could steal money, steal information, burn down the building and stop payment of bills. There is nothing to stop the janitor from destroying the company. The security guards can not stop the janitor, because the janitor is not on their list of saboteurs. The list has to be updated. The janitor is treated as an equal to the executive of the company.
Far as I know, the major Anti-Virus programs do not used these concepts. If they did, people would not need to constantly update their virus definitions.
Anti-virus programs that used definitions to only go after virus that is known. The newest virus is not on the list. When you hear about it on T.V., your computer is already infected.
A helpful link...
http://www.dennisgd...0Structure%20Basics [RayfordSteele, Oct 17 2004, last modified Oct 21 2004]
BOCH
http://bochs.sourceforge.net/ Currently, bochs can be compiled to emulate a 386, 486 or Pentium CPU. Bochs is capable of running most Operating Systems inside the emulation including Linux, Windows® 95, DOS, and recently Windows® NT 4. [Regulus, Oct 17 2004]
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
Most virus programs _do_ use these concepts, although in a limited way. Most protect the boot sector of the hard drive, and some prevent the removal of critical system files (in fact, the latest versions of Windows do this too). |
|
|
It's not right to use a large corporation as an analogy for a computer. |
|
|
The way that personal computers are used, we are more like partners in a small business. We give the user and, by extension, programs the ability to create, move and delete files when installing new software. Remove this ability, and people will disable the software. |
|
|
Most viruses in the wild today use social engineering to make the user believe they are installing a beneficial or interesting program. It is usually the computer-illiterate people who are infected with this type. Others exploit known holes in the operating system or browser. |
|
|
It seems like there is a bit of Darwinism going on here. |
|
|
I would like to download lots programs from the internet and install it on my computer, but I have to be careful who I download from. Then I ask the question "Does the benefits gain by installing a program, will justified me into taking a risk". |
|
|
I know that, once I install a program on my computer, I have no control over what it does. I always got the fear that I probably have a Trojan program operating without my knowledge. |
|
|
For example, if I were to install MP3 player on my computer. The only purpose of the MP3 player is to play music. I would like setup MP3 player to read files that are related to music. If the MP3 player tries to access my bank account information,delete my hard drive, communicate to outside world or steal my passwords, "The Master Control Program" will stop it and inform me of the illegal access. |
|
|
I may also want to limit the MP3 Player to a directory where all the music files are stored. If the MP3 player wants to delete or create files, it has that ability, but it can only operate in that directory that I chosen. |
|
|
The user should treat all programs as a potential virus. Give each program the minimal requirements that is necessary, so that the program can do the job that it was assign. |
|
|
I want complete control over my computer. |
|
|
Lets suppose in a distant future, artificial intelligence is created. Just like in the movies, Terminator and Matrix, artificial intelligence decided that humans are pests that needs to be exterminated. |
|
|
If we continue with this idea that we are equal partners in a small business, there is a possibility that artificial intelligence will turn against us. |
|
|
Machines need to be subordinate to humans. |
|
|
//The user should treat all programs as a potential virus.// I keep trying to explain that to someone in this household. Today, for example - 5 programs were downloaded which I *got* to remove. "I didn't do it" - 'Uh, you were on the computer when I got up, right' - "Yeah" - 'C'mere... See what time these programs were installed?' - "Oh" |
|
|
Splendid thinking. Linux/Unix already implements some of these proposals tho ... |
|
|
For example, you can create user accounts on Linux; they can't do certain operations. Furthmore, they can only access those files which they have permissions for. |
|
|
So for example a webserver will run as a user called 'www' and not the super-user (or "Master Control Program"). Therefore, if the webserver is hacked the hacker wont have full access to the computer. |
|
|
Win2000 and XP also have user accounts; make sure the one you normally use isnt an "administrator" |
|
|
thumb: that's like my son, who generally blames me when his laptop crashes after I have uninstalled the garbageware stuff that has inexplicably managed to find its way onto his harddrive. |
|
|
By and large, I do think Regulus is on the right track, though this approach seems more the purview of operating systems than virus checkers. |
|
|
I got this idea about stopping a virus from destroying a computer, from using emulators for old computers. TI-99/4A, Atari 800 XL,and Atari ST are emulators that I played with. I realize if a virus was written for these computers systems, the virus could not harm my computer. The virus is confined to the emulated computer. I also found that there is emulator that emulates Pentium CPU with Windows 95 Operating System. |
|
|
Didn't those boffins at Bell Laboratories bake a multi-user system (with hardware support) that does all this, ohhh, some 40 years ago? This idea does sound remarkably familiar
now if I could only remember what it was called... |
|
|
This is baked. It's called unix, linux, or other variants where there the Master Control Program as you call it is "root", and nearly every program you install is somewhere below and not equal to root. |
|
|
The problem is that having so many layers of security can make it more difficult for users to properly administrate. You want to let the user USE the computer for >99% of the time, and only spend his/her time configuring it & setting it up <1%. |
|
|
This is just one of many ways to help prevent viruses & trojans. |
|
|
If you have a need to search a website that has agressive advertising and has ways of tricking you into installing a program, you can use Bochs to emulate Windows 98(from a clean install with no bank account/personal numbers) with the NE2K card then get the web info you need. Then when the system gets ugly with coolwebsearch, winpup or whatnot, exit out of Bochs and use a secure delete file shredder to overwrite the infected hard disk "image file" with random characters. |
|
|
While this idea is a good one, you have to realise that most people don't understand about how programs work or even what a program does past it's GUI. |
|
|
One of the underlying principles of computer use is Abstraction. Its also probably the reason that computers are so widely used. Basically, users abstract away the details of whatever is going on and lets the computer work everything out. |
|
|
99% of computer users don't care if their word processor has to create a temp file or if their mp3 player accesses the internet to find album information and would probably get very confused if their PC asked them if it was allowed to perform such tasks. |
|
|
Finally, with the nature of some programs these days, it's impossible to tell exactly what a program's "job" is... |
|
| |