Real Defense Solutions

The real solution to preventing malicious mobile code isn’t antivirus programs and defense plans. It doesn’t involve renaming files, preventing file attachments, and putting up scanning gateways. It takes a concerted effort building strict secured operating systems, enforcing accountability, and decreasing default functionality. Unfortunately, these solutions would take massive infrastructure reengineering and are not likely to be widely deployed in the short-term. Here are real solutions we could implement in our computerized society to stop malicious mobile code:

  • Audit all code

  • Ultimate authentication

  • Vendors build more secure OS/applications

  • Prevent unauthorized code changes

  • ISP scanning

  • Allow only approved content to execute

  • National security infrastructure

  • Stiffer penalties

Audit All Code

All through this book, I have stressed the importance of not running untrusted code. In the purest sense, code cannot be trusted unless every line has been inspected for signs of maliciousness or weakness. But few companies have the resources, or time, to personally review all incoming code. At best, most companies try to run code from reliable sources. But can we even trust reliable resources? Much of the exploitable code in existence today was not intended to be malicious. The manufacturer either did not have the resources to properly audit their own code, could not imagine the ways in which it could be abused, or simply decided that consumers would put up with the possible ...

Get Malicious Mobile Code now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.