Tuesday, June 8

Disposable, Hence Safe Computing

In my last posting I noted that there were some problems with the proposal to deploy and then destroy a new computer every time you use one. So, OK, I didn't really mean a physical computer, I meant a virtual one.

For the sake of concreteness, let's assume you use a Windows XP computer. So, every time you fired-up Explorer or Outlook (for example), these programs would run inside a virtual machine environment that would run Windows XP as a guest OS. The system would have pre-arranged a copy-on-write clone of the standard file systems, without your personal files.

When the program you're running exits, the VM environment notes whatever files were created and offers to save the ones that were appropriate for the tasks you did (but not without scanning them first). To do this well would require having a model of the operations of popular programs.

Actually, there should be a mechanism to import personal files when the system starts up — cookies for Explorer and account configuration stuff for Outlook in the scenario described here. Again, models of the programs that are to be run would be helpful.

A firewall mechanism on the VM's network access needs to be provided to block access that is potentially dangerous to the user's network environment. For simple uses, that means any network access not on the public Internet.

OK, so there's the idea. Now what?

No comments: