Friday, June 11

Back to the Drawing Board?

In a private message to me, Eric Rescorla dumps on my Ephemeral VM Environments idea on several grounds:

  1. It's been thought of — it's called Application Sandboxing. See Janus.
  2. The import and export of user data is the whole problem and can't be glossed over for naive users.
  3. One's PC accumulating malware isn't a big deal, compromised data is.

Well, I knew about sandboxing, but didn't know people applied it post-facto to existing programs in existing environments. All of the work seems to be for Unixes.

And I agree that the import and export of data is a big deal, but I think he's making more of it than he should. Imagine, for example, a PC in an Internet Cafe. The proprietors basically don't want users' data surviving a session. This seems to be a very natural way to surf the web: I want freedom to visit any website, and when I'm done I want it to be as if I never went there at all.

As to malware not being a real problem for people except for the data it compromises... I think this may be explained by the computer sophistication of the people he is in contact with. As for me, (almost) all of my friends and relatives are naive users and all of them have had problems with malware that I have helped them with.

