Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hillis' virus solution: Limit OS Usage

Posted by Hemos on from the and-you-have-to-use-DRDOS dept.

robobabe writes "The NY Times today (free login) has a front page article on viruses. The article has a history of the origins of the terms in science fiction, and ends with an interview of Danny Hillis (Connection Machine founder). Hillis argues that the current vulnerability to attacks is due to running a single OS and that a solution is "no government agency should be allowed to run more than 34% of its personal computers on one proprietary operating system."

2 of 158 comments (clear)

  1. Yes, what an intelligent solution (NOT) by Masem · · Score: 4

    I can tell that this 34% is going to get a very
    strong slam here today, so instead, let's actually
    look at the *REAL* solutions:
    - Teach users what email is (including basics of email, including POP, IMAP, MIME, and sendmail & friends at a very basic level so they known how their mail gets routed. Teach users that opening an attachment on an insecure OS is asking for trouble, and should never be done unless the source is absolutely trustworthy... which leads to...
    - Using PGP/GPG or other secure identification methods to be able to trust the validity of the mail. Just because it's from a co-worker doesn't necessarily mean it's legit.
    (These two stand out only because the latest big virii have been email ones, not that this is the only route)...
    - Make sure all installations that require it have a quality and up-to-date virus program.
    - Have the sysadmin be diligent about reading the various virii advisory lists and visiting the web sites of the makers of the virii programs on a daily basis. I've yet to see any major virii come out (at least in the states) and not have a virus eliminator or such within a 24hr day.
    - Um, backup frequently and often. A virus may just eventually get through, but a virii can't do damage to tape backup, only possibly reside on there.
    The situation with virii today is that we have a bunch of lusers running around thinking they know everything but end up in these situations, *and* because we have lazy sysops in many places. Fixing both these problems would cost *much* less than reequipping gov't offices with up to 66% in new computers, as opposed to just simple training and effective sysopping.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
  2. It's a flawed argument by substrate · · Score: 5

    I'm not sure how Art Amolsh expects OS diversity would help things. Essentially right now the other OSes are somewhat safer from viral or worm attacks than other OSes. Not necessarily by design or the capabilities of the operating system, but by having a small market share. The wastes of flesh who code these things target Windows systems because they can then nail greater than 90% of the systems with knowledge of one code base. If other systems were more popular more virii and worms would appear for them as well.

    In order to really use diversity to hamper the spread of worms and virii you'd have to go to much wider extremes anyway. Not only would you have to have different operating systems, but users would have to use a variety of different packages for storing information complete with different file formats. Of course that would diminish the benefits of having a shared network: interchange of information would now be much more difficult.

    In reality until software is developed which can detect and respond to software threats autonomously people will always be susceptible to the whims of worm and virii coders. You can minimize the risk somewhat by using a robust OS or a non-mainstream OS. Once that OS becomes mainstream you've lost the 'protection'.