Chapter 27. Virtualization: Host Security’s Silver Bullet?
The biggest problem with host-based security has always been what happens when your protection fails. And yes, all traditional host-based protections will have the potential for failure, especially when you consider that it’s generally easy to trick users into installing bad stuff.
But when your protection fails, and the bad guy has a foothold on your machine, you’re in a very bad spot. The bad guy generally can, if he puts in the effort, disable any security product you are running on your machine. So even if your product of choice eventually does protect against a threat, it could be too late for you.
Often, when bad guys disable things, they don’t disable all security products. If you’re using a good product that isn’t as popular, that can leave you better off than running something with a brand name that every bad guy in the world will want to target.
The security industry hasn’t been able to overcome this problem in the past 15 years. I expect to see that change because there is a relatively easy solution to this problem—virtualization technology.
With virtualization, you can run one operating system on another. I don’t mean that you have to be running two graphical user interfaces on top of each other, such as running Windows on Mac OS X. Instead, you could have a very small operating system that the user typically doesn’t see. Just for the sake of discussion, let’s call it SecureOS. This operating system would have your ...
Get The Myths of Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.