Linked by David Adams on Fri 10th Jun 2005 15:25 UTC, submitted by tm
Bugs & Viruses Many virus attacks aren't really exploiting weaknesses in your operating sytem: they're simply tricking you into telling the OS to do things that it shouldn't do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA -- "limiting the rights of each program to only the ones needed for the job the user wants done"
Permalink for comment
To read all comments associated with this story, please click here.
RE: No system weaknesses?
by jesse mcnelis on Fri 10th Jun 2005 16:52 UTC

"** The OS should recognize how an executable entered the system and react accordingly. If the file came by a channel that is typical for malware (e-mail, IM), the OS should ask that extra question on install."

Asking users "if they are sure" is silly.
You could pop up 100 "are you sure?" messages and still the user would just click through them all.

Protecting one's computer from 'virus' attack is rather simple. Run as a low privillage user and Just don't run untrusted executables.