Thursday, April 17, 2008
Polaris - A very interesting research piece from HP
Mr. Alan Karp mentioned this piece of research from HP Labs during a RSA session:"Polaris is a package for Windows XP that demonstrates that we can do better at dealing with viruses than has been done so far. Polaris allows users to configure most applications so that they launch with only the rights they need to do the job the user wants done. This simple step, enforcing the Principle of Least Authority (POLA), gives so much protection from viruses that there is no need to pop up security dialog boxes or ask users to accept digital certificates. Further, there is little danger in launching email attachments, using macros in documents, or allowing scripting while browsing the web. Polaris demonstrates that we can build systems that are more secure, more functional, and easier to use."The paper is quite simple and easy to understand, and but gives us some very important lessons. If Microsoft has tried a similar approach on Vista the UAC may have been more well accepted by users.This kind of research should be the core of Security Innovation.Â Instead of trying to build "Anti-X", "Anti-Y" stuff, we should concentrate on reviewing things that are badly designed and that can be fixed in a elegant way, the same as Polaris does.