Thinking Beyond The Gates
When I saw this headline in a recent Computerworld mag, my first thought was that the “Gates” Robert L. Mitchell was referring to was Bill Gatus of Borg. Mr. Mitchell describes the problem accurately in his article: “As I gave my neighbor an hour-long lecture on how to avoid future problems [with spyware, viruses, trojan horses, etc], I saw his confused look and realized how wrong this whole situation is. Why on earth does a consumer need to know all this stuff? The idea that consumers should configure security on PCs is ridiculous.” I am disappointed that Mr. Mitchell didn’t provide any “solutions” to this problem. Education of end users, peer-to-peer, is something we definately need to continue to do. But I think the real solution to this problem lie beyond the Gates: Microsoft products, that is.
Lately, I have been fascinated by bootable Linux distributions. The fact that you can pack so much useful software into a read-only medium that cannot be changed is great. I’m playing with the smaller distributions like Damn Small Linux and Feather Linux. They can essentially load the OS and applications entirely into RAM, at least on the computers I am using them on. For basic web browsing and the like, it means “no moving parts” making my laptops quiet enough that I can “hear” the screen redraws. Data can be “volatile” (not saved) or stored on a hard drive or USB Flash drive if desired.
Looking at these two things together, it presents an interesting solution to the virus problem: Make the OS and applications “read only” on a CD or other medium that is essentially “hard locked” as read-only. It’s pretty difficult to infect applications or parts of the OS that cannot be written to. This kind of design forces the seperation of data from program and operating system–something that is next to impossible to do on any version of Windows. In the case of the “smaller” Linux distributions that load entirely to RAM, on the odd chance something does get infected, a simple reboot clears the infection.
You could even take it a step further and essentially make computers like a Playstation: each “boot disk” serves a specific purpose. Want to do one set of tasks? Boot this CD. Need to do something different? Then boot this other CD. There are a number of specialized-purpose bootable Linux distributions out there, so this idea isn’t entirely far-fetched. Regardless of what you boot on, your data stays around either on a hard drive, USB flash drive, or whatever. Not only does this significantly reduce the potential security problems, it also makes “upgrading” a significantly easier task. Want a new version of XYZ program? Just boot up on a newer version of the CD. Want a completely different OS? Boot on a new CD. Your data? In a completely seperate area unmolested by the upgrade process.
For the geeks in the house who might groan about this kind of an inflexible setup: there’s nothing preventing you from doing things as they are done today. We’re geeks, we know what we’re doing. Many people don’t entirely know what they are doing with their computers, nor do they care. They shouldn’t be expected to care. We should be making computers simpler. If they were simpler, we wouldn’t have to spend so much time cleaning up the mess left by an non-geek computer user.