The IT security outlook just seems to be getting worse. Maybe it's time to change the rules.
We are being bombarded these days about the increasing threat of security. Microsoft has long been a target in this area, as have Java, and Flash, but now Linux is also coming under attack. The attacks are coming with greater frequency and with greater destructive power, and they are coming in the form of malicious code, or "malware".
In order to make significant headway in the struggle against malware, we need to fundamentally change the rules of the game. In a recent article for CNET News.com, "Inherent Insecurity", I argue that fat-client architectures are inherently vulnerable to attack, and that by switching to a thin-client model we can cut down on the amount of raw material that malware has to attack. In another article, "Fencing In" for ZDNet, I argue that we need to change our basic security posture and actively contain threats rather than huddle in our bunkers. I cite early examples of fence in strategies being used against viruses, hackers, and spam. Interestingly, I just came across another application of the fence in approach being suggested for flu vaccinations.