New Viruses Hit 30-Month High

Mz6 writes "InformationWeek reports that Sophos has analysed and protected against 959 new viruses in May, this is the highest number of new viruses discovered in a single month since December 2001. From Sophos' own TopTen list they continue on to say that the 'Sasser and Netsky worms may have captured the headlines. ...May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.'"

Re:Security...

[why-is-it]

we need better solutions for security that automatically adapt and defend the end user or system they are on.

The promise of m$ applications is that they interact with each other and the OS better than the competition. The trade-off is that your spreadsheet/email client/browser has hooks into the OS that those sorts of applications really don't need and no users ever asked for, but ones that can be readily exploited.

People ask me what I think about outlook, and I must admit it is quite possibly the most efficient means of distributing trojans that has ever been devised. Even on 2000, outlook has root-access to the operating system. Given that older versions of their operating systems only had one level of privilege for all userids, such security problems could and ought to have been expected, but there is no need for outlook (or ie) to have that sort of privileged access to the OS as it does on 2000/xp.

Maybe Tannenbaum is right, and a microkernel is the way to go? Maybe we should take it one step farther and run all applications in jails to effectively limit their access to system resources and one another?