Monday, February 16, 2015

Computer Virus Vulnerability is Unnecessary - the Standard Architecture is Absurd

The NYT makes the following foolish statement while discussing spyware (here) found by Kaspersky in most PCs:

"Firmware is about the closest to the bare metal you can get — a coveted position that allows the attacker not only to hide from antivirus products but also to reinfect a machine even if its hard drive is wiped."

They are wrong because you can get all the way to the "bare metal". The "bare metal" can get along just fine without firmware. You do not need firmware to program hardware - it is just cheaper than building a chip with baked-in capabilities. And this brings up one of my pet peeves: that computers are designed to be vulnerable - with a writable OS sitting on an unprotected hard-disk. Totally unnecessary.

Instead, you can make the OS be like a light bulb, that plugs into an actual socket. Want an upgrade? They send you a new one, you unscrew the old one and screw in the new one. A standard PC would need both vulnerable and invulnerable memory. The latter would not be writable, or could be writable only by the OS. I believe all this virus protection is needed only so Microsoft can save on shipping costs.

It should be no big deal, just more expensive for Microsoft. But as I think about it, it is bad for Microsoft in several ways: (1) It makes their OS more easily replaceable - because the light bulb-to-socket interface would be public; and (2) It draws a clear line, at that interface, between OS and non-OS. I guess this would be difficult for a company that is so fond of bundling. To be as clear: our virus vulnerabilities are connected to profit motive and not to necessity.

No comments:

Post a Comment