November 27th, 2005 11:05 PM
Originally posted here by IKnowNot
4) the write functions on first hard drive are physically limited by a key switch (actual interrupt of the wires which control writes. This allows, when necessary, to update the OS, etc. without too much difficulty, when absolutely necessary. Could also apply to BIOS changes: I liked the old jumpers)
Originally posted here by thehorse13
Yeah, there is no easy solution to this, which is why you don't have widespread adoption today. I'm thinking that the only road home on this is to somehow integrate it into the OS design. Again, no small or easy task.
I agree with all of these notions...
Originally posted here by Tiger Shark
Until we come up with an OS that doesn't allow outside executable code to run except in an environment where it is isolated from data then there will always be malware..... and we will always have jobs.....
I can see that IKnowNot's particular pattern could be deployed in almost every environment to some extent... Is this something we could deploy now? From a[n?] Unix perspective I believe this could be done quite easily... I have often thought about having binaries for a locked down server on a CD or other read-only partition...
The CD to thwart those who may want to use the binaries other than when doing maintenance, or RO if I am using the system often and don't want the performance hit...
November 28th, 2005 12:12 AM
As long as you're not using MD5, you should be ok. In case you haven't heard, there is now an automated tool to beat MD5 hashing. I have a thread here somewhere which gives the details so check it out. I'd rather not rehash (no pun intended) here because I want to keep the conversation on topic.
6) periodically the anti-malware program checks the hash of the OS and itself (which is reloaded each time executed) that is in memory with what is on the first hard drive
7) the anti-malware program also checks hash functions of any executables on the second hard drive, which it stores in a separate swap file only writable by the anti-malware program
8) if the hash doesn't match the OS or anti-malware program, or if it detects an unwanted signature, the first swap file is deleted, the administrator and user notified.
For methods close to those described, check out the CIS website. They have all kinds of deployment schemes and goodies there.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
November 29th, 2005 10:32 AM
How about this, can openness save the internet? http://freshmeat.net/articles/view/1360/
November 30th, 2005 12:48 AM
In a word, no. It isn't that simple ... minded.
November 30th, 2005 01:12 AM
Firstly, I am prejudiced from the start because there are some Cultural Assumption overtones...
Sorry which government was that?
The government is the strongest supporter of closed source software, having committed to long-lasting delivery agreements with Microsoft...
Secondly, it simplifies the...
...into a "let's use open-source" bandwagon and then tacks on a "let's regulate the internet", marketing corporate networks and VPN as the method...
proliferation of spam, worms, crackers, and viruses....
Say whaat? Did you pick up the contradiction?