Tim's whole argument for getting people to shell out "time and money" (his own words) to upgrade both their hardware and their software is so they get the Outlook feature which prevents them from executing attachments (as another reader has pointed out, the Novarg virus circumvented this very feature by sending itself as a ZIPfile).

But this is missing the point, and thereby, failing to address the underlying issues.

The problem is the "security context" in which Microsoft Windows executes attachments. Simply put, the attachments are executed in the context of the user, and thus have all the rights and access of the user (eg. ability to write to drive C:, ability to use internet). Alternative operating systems can execute code in a restricted "sandbox" which is completely insulated from the rest of the machine. Even if a virus executes in the sandbox, it does not infect the entire machine - the sandbox simply does not have the access.

So until Microsoft Windows actually has this built-in support for isolating potentially hostile code, there's no reason to upgrade. It's no more secure than Windows 3.1!

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/217/24750#24750