How about user/password management ? No matter how your shiny GC collects the garbage you create on memory... You still have the opportunity to make a mess out of faulty authentication schemes or stupid array usage... Besides even though your code is secure, the environment on which it runs may be configured/set up/run by a stupid administrator with all those bullshit certificates in his back. Does it sound familiar ??
It's just a stupid idea... Worms spread in an uncontrolled manner. When they infect a machine, they send themselves to your buddies listed in your Address Book and so on... If the worm should be controlled (no doubt it MUST be !!) then there should be another application layer protocol for these worms to travel in the network. And every machine intended to benefit from these "good worms" must control the process of this "good worm". So ? There must be an application which will manage the replication and the working of our "good worm". Let's state the needed work to make "good worms" succeed;
1. Application level protocol to isolate worm traffic.
There will be many corporations eager to dominate the field. So there will be many protocols and many protocol flaws around our "good worms"... You name it... 2. Applications running on clients to control the worm
Flaws of these applications will introduce new security risks... And worst, they can become a crater in the network... Just a small mistake may cause the application to stop controlling the replication and that's it ! Your network is choking on "good worms"...
Isn't it too much work and *responsibility* ?? Just design your OS with security at the first place in your mind... Plan9 is a good example I guess....
Slashdot Mirror
How about user/password management ? No matter how your shiny GC collects the garbage you create on memory... You still have the opportunity to make a mess out of faulty authentication schemes or stupid array usage... Besides even though your code is secure, the environment on which it runs may be configured/set up/run by a stupid administrator with all those bullshit certificates in his back. Does it sound familiar ??
It's just a stupid idea... Worms spread in an uncontrolled manner. When they infect a machine, they send themselves to your buddies listed in your Address Book and so on... If the worm should be controlled (no doubt it MUST be !!) then there should be another application layer protocol for these worms to travel in the network. And every machine intended to benefit from these "good worms" must control the process of this "good worm". So ? There must be an application which will manage the replication and the working of our "good worm". Let's state the needed work to make "good worms" succeed;
... You name it...
1. Application level protocol to isolate worm traffic.
There will be many corporations eager to dominate the field. So there will be many protocols and many protocol flaws around our "good worms"
2. Applications running on clients to control the worm
Flaws of these applications will introduce new security risks... And worst, they can become a crater in the network... Just a small mistake may cause the application to stop controlling the replication and that's it ! Your network is choking on "good worms"...
Isn't it too much work and *responsibility* ?? Just design your OS with security at the first place in your mind... Plan9 is a good example I guess....