

Intel's walled-garden plan to put computer-security companies out of business - dctoedt
http://arstechnica.com/business/news/2010/09/intels-walled-garden-plan-to-put-av-vendors-out-of-business.ars

======
merijnv
I disagree with their assessment that replacing the "known-bad" model with a
"known-good" model means Intel expects to become the sole gatekeeper of what
software is allowed to run. This is quite obviously infeasible and I'm sure
Intel knows this.

However, it IS feasible to change from virus scanners allowing any program to
run except when a slow, expensive scan determines it should not, to virus
scanners stopping EVERYTHING from running except those applications manually
allowed. This latter model is the only sane and secure one. One does not
configure a firewall by letting everything through except things you want to
block.

Now, for convenience's sake, such a scanner should probably ship with most of the
safe Windows programs already listed for most users, but this does not mean such a
program should (or could) be usable without users being able to add new "safe"
programs to the list.

In the long run I think virus scanners are a security dead end anyway. I think
we will move to even more virtualization. Things like FreeBSD's jails make
having 1 "VM" per user process reasonably possible, drastically limiting the
impact viruses can have.
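The two models this post contrasts, side by side, as an added example that is not part of the thread. Programs are constructed byte strings standing in for executables, and "signatures" are plain SHA-256 digests of the whole file:

```python
import hashlib

# Constructed sample "programs" (byte strings standing in for executables).
NOTEPAD = b"MZ notepad-v1 ..."
CALC = b"MZ calc-v1 ..."
KNOWN_WORM = b"MZ worm-2010 ..."          # already has a known-bad signature
NOVEL_WORM = b"MZ worm-new ..."           # nobody has a signature for it yet
TROJANED_NOTEPAD = NOTEPAD + b"\x90"      # approved program, one byte changed


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class KnownBadScanner:
    """Default-allow: anything runs unless it matches a known-bad signature."""

    def __init__(self, bad_hashes):
        self.bad = set(bad_hashes)

    def decide(self, program: bytes) -> str:
        return "deny" if sha256(program) in self.bad else "allow"


class KnownGoodPolicy:
    """Default-deny: only a shipped or user-approved hash may run."""

    def __init__(self, shipped_hashes):
        self.shipped = set(shipped_hashes)   # the vendor's pre-populated list
        self.user_added = set()              # entries the user adds by hand

    def approve(self, program: bytes) -> str:
        """The user manually allowing a new 'safe' program."""
        h = sha256(program)
        self.user_added.add(h)
        return h

    def decide(self, program: bytes) -> str:
        h = sha256(program)
        if h in self.shipped or h in self.user_added:
            return "allow"
        return "deny"


def compare(program: bytes):
    """Return (known-bad verdict, known-good verdict) for the same program."""
    scanner = KnownBadScanner([sha256(KNOWN_WORM)])
    policy = KnownGoodPolicy([sha256(NOTEPAD), sha256(CALC)])
    return scanner.decide(program), policy.decide(program)
```

The novel worm and the tampered copy of an approved program are exactly the cases where the two verdicts diverge: the scanner lets both run, the allowlist stops both until someone approves them.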

~~~
arethuza
I'm not sure virtualization helps that much - you might gain by limiting the
impact of one malware outbreak, but then you end up with so many more OS guest
instances kicking about that it becomes increasingly difficult to partition
these sensibly and monitor what is going on.

Add complications like potential Blue Pill threats and it all gets rather
scary.

------
drdaeman
Reminds me of Stallman's "The Right to Read" somehow.

So that Average Joe won't be harmed by the latest Windows worm, does J.
Random Hacker have to pay or undergo some verification/licensing process to run
his own code on his own hardware, and then pay more to distribute builds to his
friends? I doubt it.

