On antiviruses and computer security · 2005-10-15 by mmzz
New Tech blog entry in my FSFE blog .
You can protect yourself from viruses with antivirus software, sure. But an antivirus can delete a file if it believes it’s a virus. And what happens if the virus database files used by the antivirus gets corrupted? The antivirus program itself can become the real threat.
Perhaps Antivirus software producers should make us know:
- how virus database files are digitally signed, so that anyone can verify them,
- how virus database files and keys are managed, to check them independently.
- show us the source code.
And the users should:
- avoid the dangers of software monocultures:
- Pushing BITdiversity: Biodiversity applied to IT environment: don’t stick to a single O.S.
- Beware of antivirus monopoly.
- Rethink redundancy:
- OS redundancy: push multiple different operating systems on the key servers and clients. If the virus attacks one OS, the other will likely be safe. Traditional redundancy will fail.
- Antivirus Redundancy: having multiple simultaneous antivirus systems with different signature files.
- Keep the data safe.
- be prepared to access to your data from a different OS.
- avoid proprietary data formats as hell.
This is a short presentation about those ideas.
