Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Windows Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 our of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'm and they'll fall in line".
Permalink for comment 393873
To read all comments associated with this story, please click here.
boldingd
Member since:
2009-02-19

There are a few problems with this approach, among them the performance hit that would come from virtualization (which might be small, but won't be zero), or the fact that a virtual machine wouldn't expose the host's hardware well (in particular, so far as I know, there's not good, high-performance way to expose the host's GPU). There's also the problems that, then you've got a lot of still-fundamentally-insecure apps running together in a virtual machine that's running a guest OS that's less-secure than the host. If any of those legacy apps manage sensitive information, and the virtual machine gets compromised, then you have a serious problem. There's also the fact that many insecure, low-level APIs don't virtualzie well.
Apple did something like this when they moved to OS X: if you had an <= OS 9 application, OS X would try to run the application in what amounted to an emulated OS 9. It didn't work very well; most legacy apps either didn't run well, or didn't run at all, and they didn't integrate with the rest of the system regardless. I think most Mac users took the hint and wrote off their Mac Classic applications, and used OS X native equivalents if they existed, and did without when equivalents weren't available. I know that's what I did.
I'm a fan of virtualization, but it's not a panacea, and it's not really a good way to handle any legacy apps on which you're dependent. At least, not in a desktop environment.

My other concern is that legacy applications and backwards-compatability really are good things. As someone else on this site has elegantly said before, you don't throw out a code-base with a 20-year track record just because the OS vendor says it's time to move on.

Reply Parent Score: 3