Many security holes tend to be derived from undesireable code and/or applications being executed. Current firewall and antivirus software act by trying to identify malicious activity, of which there is currently over 100,000 different signatures to maintain. Currently, I have about 60 processes running. Keeping track of this 60 plust the other 40 to 50 I might use during my normal work week tracks a total of about 100 processes. This seems as though it would be much easier than trying to track over 100,000 signatures. Has Microsoft investigated whether it would be benefecial to have the main OS track approved processes(not just installers and main apps) to run? If so, what has prevented Microsoft from moving further forward in this manner?
Slashdot Mirror
Many security holes tend to be derived from undesireable code and/or applications being executed. Current firewall and antivirus software act by trying to identify malicious activity, of which there is currently over 100,000 different signatures to maintain. Currently, I have about 60 processes running. Keeping track of this 60 plust the other 40 to 50 I might use during my normal work week tracks a total of about 100 processes. This seems as though it would be much easier than trying to track over 100,000 signatures. Has Microsoft investigated whether it would be benefecial to have the main OS track approved processes(not just installers and main apps) to run? If so, what has prevented Microsoft from moving further forward in this manner?