Barney's Blog

Blog archive

Symantec Hopes To Remake (Tighten) Security

Most security tools will allow just about anything as long as it's not on a black list. Symantec CEO John Thompson thinks it's time for a change. Because exploits are getting worse and worse, Thompson believes we should turn security on its head and only allow things that are specifically outlined in a white list.

While this appears overly restrictive, it might be better to have a locked-down system that actually runs rather than a wide-open machine that's more frozen than a king crab fisherman.

A better idea might be to build virtualization into the OS in very specific ways -- such as isolating e-mail and the Internet from our documents. Of course, this runs completely counter to Microsoft's attempts to integrate everything with the Internet. But isn't that what got us into trouble in the first place?

Speaking of Symantec, my daughter Lauren just went off to college. Milliseconds after connecting to the campus network, her HP laptop began running slower than Kyle Petty with a flat tire. Now that's slow!

I paid for a Norton subscription, so she dutifully ran a Norton scan. After eight hours, it was only a third of the way done. Next, she tried the Microsoft Malicious Software Removal tool and it told her she had an unwelcome visitor -- Backdoor:Win32/Rbot.gen!A! Even though this Trojan was first discovered over three years ago, it managed to slip past Norton's defenses and set up shop. We went back to Norton and it took three full days to complete the scan.

Just shows you how tough it is for even the top dogs to protect our systems. Maybe Lauren will listen next time I offer to buy her an iBook!

Posted by Doug Barney on September 24, 2007 at 11:52 AM