[cap-talk] Polaris: Virus Safe Computing for Windows XP
Mark Miller
markm at cs.jhu.edu
Tue Dec 7 16:51:13 EST 2004
>>Karp, Alan H wrote:
>>>After all, firewalls don't make us perfectly safe, but
>>>no one advocates abandoning them.
I wrote:
>>Just for the record, I do.
Karp, Alan H wrote:
> Be careful. A fellow here hooked up a Windows machine directly to his
> DSL connection. Withing 15 minutes it was hacked so badly he had to
> completely rebuild it.
I should have made the time frame clear. I do not advocate abandoning
firewalls yet. I was speaking long term.
We must first abandon grossly vulnerable end point OSes, which unfortunately
includes all currently deployed OSes. Once one has abandoned these OSes, then
I advocate abandoning firewalls as well.
Even in my fantasy future, I expect we will continue to run or simulate legacy
OSes in order to run legacy software, essentially forever, but these should be
suitably confined.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list