
"I Agree" or "Cancel": We need more options

Posted by johnreynolds on November 23, 2005 at 8:15 AM PST

The recent Sony BMG rootkit fiasco confirms a sad fact... a digital certificate doesn't guarantee much of anything.

I don't want to delve into motivations or liabilities, but I do want to examine a basic question that technologists must address:

How can we protect computing environments from hostile executable content?

In the Sony BMG incident, users installed the hostile software on their own machines voluntarily by clicking "I agree". Perhaps they were "fools" or "idiots" for doing so, but in that case I am a foolish idiot too. I seldom read the boilerplate before clicking "I agree".

Who would dream that a consumer-oriented operating system would grant a "normal" user the power to so casually corrupt the OS itself?

Is the answer an OS with a pervasive and more sophisticated Java Sandbox?

Perhaps all software that is installed on a computer should go through a probationary period. During that time, access to the file system, system registry, etc. would be tightly controlled. Data transfers to the external world would be monitored for suspicious activity... For example, in the Sony BMG case it might be legitimate to "phone home" the name of the CD track you played most often, but there's no reason for it to phone home your bank statement.
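To make the probationary-period idea concrete, here is a small policy sketch added for this post (it is not code from the original entry or from any real OS). A freshly installed program gets a profile that lists the paths it may touch and, per remote host, the kinds of data it may send; everything else is denied and logged until the probation window expires. The application name, paths, host name and data categories are constructed assumptions.

```python
"""Probationary-install policy sketch (added illustration, not from the post).

A newly installed program runs under a restrictive profile for a fixed period.
Every file/registry path request and every outbound transfer is checked
against the profile and written to an audit trail. Default is deny.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from fnmatch import fnmatch


@dataclass
class Probation:
    app: str
    installed_at: datetime
    period: timedelta = timedelta(days=30)
    # Glob patterns the app may touch while on probation. Anything else,
    # including OS directories where a rootkit would drop a driver, is denied.
    allowed_paths: list[str] = field(default_factory=list)
    # Remote host -> data categories the app is permitted to send there.
    allowed_egress: dict[str, set[str]] = field(default_factory=dict)
    audit: list[str] = field(default_factory=list)

    def active(self, now: datetime) -> bool:
        """True while the probation window is still open."""
        return now < self.installed_at + self.period

    def check_path(self, path: str, now: datetime) -> bool:
        """Allow a path only if it matches an allowlisted pattern (default deny)."""
        if not self.active(now):
            return True  # probation over: the OS's ordinary permission model applies
        ok = any(fnmatch(path, pat) for pat in self.allowed_paths)
        self.audit.append(f"{'ALLOW' if ok else 'DENY'} path {path}")
        return ok

    def check_egress(self, host: str, category: str, now: datetime) -> bool:
        """Allow an outbound transfer only if that data category is permitted for that host."""
        if not self.active(now):
            return True
        ok = category in self.allowed_egress.get(host, set())
        self.audit.append(f"{'ALLOW' if ok else 'DENY'} egress {category} -> {host}")
        return ok


def demo() -> dict[str, bool]:
    """Run a hypothetical CD-player app (constructed example) through the policy."""
    installed = datetime(2005, 11, 1)
    p = Probation(
        app="cd-player",  # hypothetical application name
        installed_at=installed,
        allowed_paths=["/media/cdrom/*", "/home/user/.cdplayer/*"],
        allowed_egress={"stats.example.com": {"most-played-track"}},
    )
    day3 = installed + timedelta(days=3)
    return {
        # Reading the CD it was installed to play: fine.
        "read_cd": p.check_path("/media/cdrom/track01.wav", day3),
        # Writing into the kernel module directory: denied while on probation.
        "write_kernel_driver": p.check_path("/lib/modules/hidden.ko", day3),
        # Phoning home the most-played track: permitted category for that host.
        "phone_home_track": p.check_egress("stats.example.com", "most-played-track", day3),
        # Phoning home a bank statement: not a permitted category, denied.
        "phone_home_bank": p.check_egress("stats.example.com", "bank-statement", day3),
        # After the window closes, decisions fall back to the ordinary OS policy.
        "after_probation": p.check_path("/lib/modules/hidden.ko", installed + timedelta(days=45)),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'allowed' if allowed else 'denied'}")
```

The point of the audit list is the "monitoring" half of the idea: a user (or a tool acting for one) could review what a probationary program tried to do, not only what it was allowed to do, which is exactly the visibility the post says a mere mortal lacks today.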

With the flood of information and interaction between our personal workstations and the global network, it is hard to envision a mere mortal effectively monitoring traffic to and from their own devices. Hard to envision... but possible? There are a lot of really bright people out there who might figure out a way to make it practical.

Often as I wander through my house in the dead of night, heading to the kitchen for a glass of water or to get a snack, I pause to marvel at the rapidly blinking lights on my cable modem. Somebody somewhere is furiously interacting with my computer... sparks are flying off my firewall, and the "Task Manager" shows no signs of activity... but I wonder: Is all well? Is "my" machine really still mine?

This is obviously not purely an issue of technology, but surely we do have a role to play in crafting solutions.
