<div class='os_post_top_link'><a href='http://www.physorg.com/news9392.html' target='_blank'>http://www.physorg.com/news9392.html</a><br /><br /></div><i>"Imagine anti-virus software for handhelds that's less than the size of a typical PowerPoint file, needs no yearly subscription, yet it can protect mobile phones, PDAs, iPods or any other smart devices from not only known viruses but also all future unknown viruses and other malware. It may sound too good to be true, but that's a new anti-virus product, an Indian software company based in Madras called Sanrasoft claims to have developed . . . It takes a snapshot of a device in complete detail in its malware-free state and continuously monitors system and file changes. New files, changes in configuration, changes in system control files and changes in critical application program files are all evaluated for potential threats. Any change in the system state that represents a potential threat is immediately acted upon"</i><br /><br />If true, then this could indeed be a breakthrough in anti-virus technology. Apparently the application will be so small that you wouldn't even know that it is present. I find it hard to tie that claim with the talk of 'system snapshots', which usually tend to be bulky. Still, they also mention preventing any unauthorized program from executing on a device, which could be hint as to how this is meant to work, i.e. only allowing 'trusted' executables to run. There are a lot of claims being made about this program and I'll believe them when I see it in person. If only a few of the promises work out, then this will worth waiting for. However, I'm more interested in the PC version, rather than the Pocket PC version. Thankfully there are extremely few viruses targeting mobile PPCs in the wild.... for now. The program should be available in the US (and presumably in the rest of the work) in mid 2006, just after the Windows PC version is released in April. What do you guys reckon? Too good to be true, or just what the doctor ordered?

Since the threat is so low now its kind of a yawn. As you say the PC version is more interesting at present.

Evaluated? Explain to me how it differentiates between a virus that writes random bytes to a file and an encryption program that seemingly writes random bytes to a file?

Sounds to me like a solution in need of a problem to solve!

While mobile devices are not currently as susceptible as Windows PCs, they are not totally secure either. So I wouldn't characterize this as a solution without a problem.

I am curious how well this will work for a Windows PC. Or for Mac and Linux... the article states versions for those OSs are in the works (spyware and viruses don't exist for OS X, but that could change so something like this could be useful, even for a "secure" OS).

Side topic:
This is still a band-aid solution. Why note take a completely different approach to computer file systems and make them composed of objects with the following hierarchy?:
Documents/User Objects: files that can be modified by user(s)
Interface Objects: can be modified only by users with interface privileges (i.e. can make changes to the system’s interface, menus, etc)
Program Objects: can be modified only by users with program privileges (i.e. can install programs)
Hardware Objects: can be modified only by users with hardware privileges (i.e. can install or configure hardware)
System Objects: can be modified only by users that have administrator access (i.e. can monkey with the operating system)The idea here is that instead of needing to enter an administrative password to install something, you’d only need to enter a program password, which would not give access to the system or hardware. Seems like that’d eliminate most spyware/viruses while also taking care of Windows’ susceptibility to being inadvertently screwed up by users (or by poorly written programs) as well as Windows’ tendency to deteriorate over time. And while OS X is a lot more solid in these areas, right now there is the potential for malicious code to be embedded in a seemingly benign installer (many of which require authentication).

But that'd require companies like Microsoft and Apple to start over from scratch...

Side topic:
This is still a band-aid solution. Why note take a completely different approach to computer file systems and make them composed of objects with the following hierarchy?:
Documents/User Objects: files that can be modified by user(s)
Interface Objects: can be modified only by users with interface privileges (i.e. can make changes to the system’s interface, menus, etc)
Program Objects: can be modified only by users with program privileges (i.e. can install programs)
Hardware Objects: can be modified only by users with hardware privileges (i.e. can install or configure hardware)
System Objects: can be modified only by users that have administrator access (i.e. can monkey with the operating system)The idea here is that instead of needing to enter an administrative password to install something, you’d only need to enter a program password, which would not give access to the system or hardware. Seems like that’d eliminate most spyware/viruses while also taking care of Windows’ susceptibility to being inadvertently screwed up by users (or by poorly written programs) as well as Windows’ tendency to deteriorate over time. And while OS X is a lot more solid in these areas, right now there is the potential for malicious code to be embedded in a seemingly benign installer (many of which require authentication).

But that'd require companies like Microsoft and Apple to start over from scratch...

Or maybe use IBM's OS/2? Seems to me that this is what you're really talking about :wink:

I was a big proponent of this OS until Microsoft managed to kill it. Well, it's still used in ATM machines :cry:

Or maybe use IBM's OS/2? Seems to me that this is what you're really talking about :wink:

I was a big proponent of this OS until Microsoft managed to kill it. Well, it's still used in ATM machines :cry:
I read that OS/2's shell is object-oriented and that it uses a system object model, but that's a far cry from what I'm suggesting above.

I also read that OS/2's design could've "made it as vulnerable as Windows, but its reduced market share appears to have discouraged virus writers". With the model I was thinking of, it should be very easy to secure the system. Though to be fair to OS/2, the marketshare comment may be BS... after all, some make the same claim about OS X (the reality is that while it would most certainly have some viruses if it had 95% of the market, it is also fundamentally more secure than Windows and there's no rational reason to think it'd be as overrun with spyware/viruses as Windows is).