The best type of security concept is to devise a phantom computer or target for the virus to lack onto, the idea being that when a system is invaded a proxy is set up to handle all the security leaving the computer to handle all the user programs.
New company, Bromium, is releasing software today that could mean the end of computer malware as we know it. They call the software product vSentry and they call the underlying tech the Bromium microvisor. Essentially this tech gives you a "disposable virtual computer" for every task you do on a Windows PC, cofounder Gaurav Banga told Business Insider. (They will have a version for Macs, too, in a couple of months.) Think of it like having a thin sheet of glass between each Window and the guts of your PC. So when you go to Facebook, you get a piece of glass, when you check e-mail, you get a new piece of glass and so on. If your computer picks up a virus from e-mail or the 'net, no matter. It can't bust through the glass and infect the actual computer.
The virus dies when you close the window. That sounds like a fat resource hog that would make a PC super slow. But thanks to technology included in just about every Intel CPU, for the past three years it's not. Those chips have been specially made to work with technology like this, known as virtualization. "These are PCs with the Intel Core i3, i5, or i7 sticker" says Banga. Bromium works so fast, PC users don't even know it's installed, its cofounders promise. "The user experience remains unchanged. The microvisor is completely hidden from the user who enjoys a native, hi-def user experience," cofounder Simon Crosby told Business Insider. This all gets more interesting when considering the people involved. Crosby and Pratt created virtualization software before. They developed the open source Xen project, a popular alternative to VMware. Their company, Xensource, was purchased by Citrix for $500 million in 2007 and it remains a big part of Citrix today. Pratt helped Intel develop its on-chip virtualization tech, too.
Bromium’s service is designed to make malware and virus protection invisible to the user. Its micro-vm (virtual machine) tracks people as they use the web. All the data from the website visit is contained. If someone clicks a bad link, the micro-vm will keep it until the IT administrator views and disposes of it. Micro-vms are automatically discarded when a user completes an untrusted task, such as navigating away from an untrusted web page in Internet Explorer.
Downloads are treated the same way. A micro-vm is created, and it just bounces in without being able to go anywhere. Bromium has also developed a way for IT administrators to analyze the data collected by the micro-vms.
Malware and virus detectors are vulnerable these days. Patching is less effective. End-point security is less effective. Bromium’s technology is rooted in the hardware. It is a native app. Bromium will compete against the Symantecs of the world and other anti-virus and data protection companies. Bromium has a real answer to the security threats any company faces. But its weakness is that it can’t be used for Macs or mobile devices with ARM-based architectures. That will be a detriment, as more people use iPads and other mobile devices to do their work. Hopefully it isn't an oversight of the company forgetting to include other devices and operating system. Perhaps in time we might see a fully secured system for all phone and other computer platforms.
No comments:
Post a Comment