<div>I have been following Google's Chrome OS. It seems to me that they have decided to tackle the problem in a different way: by eliminating the problem of malware, vulnerabilities and buggy code.</div><div><br></div>
<div><br></div><div>The key points as I see it:</div><div><br></div><div>1. No app gets installed. The OS is a minimal image that has many ways to verify that it is sound. All other software is downloaded and cached. The OS itself is probably a native client app itself running on a small VM manager.</div>
<div><br></div><div>2. Strictly allow only native x86/ARM code that can be verified safe.</div><div><br></div><div>3. Run native code in a sandbox with limited access to system resources - basically none.</div><div><br></div>
<div><br></div><div>These and other measures seem to solve the hardware/software security issues. To reduce the risk of social attacks they</div><div><br></div><div>5. Actively monitor sites for malware activity and highlight in searches.</div>
<div><br></div><div>6. Increasingly encourage SSL services.</div><div><br></div><div><br></div><div>This does not solve the server issue, so they</div><div><br></div><div>7. Push Software as a Service and Platform as a Service to eliminate poorly secured servers and OSs.</div>
<div><br></div><div><br></div><div>I think this sort of approach is the future of computers and servers. It is notable that their approach does not rely on trusted compiler tool chains, signed code (except for the boot loader I think) and malware scanners.</div>
<div><br></div>-- <br>Phil<br><br><a href="http://philatwarrimoo.blogspot.com">http://philatwarrimoo.blogspot.com</a><br><a href="http://code.google.com/p/snmp2xml">http://code.google.com/p/snmp2xml</a><br><br>"Someone has solved it and uploaded it for free."<br>
<br>"If I have nothing to hide, you have no reason to look."<br><br>"Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke - Who does magic today?<br><br>