Sponsor's Message

According to at least one source, an extra 30,000 PCs are hijacked every day due to the proliferation of malware across the Net - and that causes a lot of trouble for everyone.

During the first half of this year alone, almost 4,500 different viruses and variants were detected and a total of 1,237 different vulnerabilities were identified.

To make things even worse, the rate at which these viruses and infected computers is growing seems to be almost exponential and this year's figures are already four and a half times worse than those for all of 2003.

Maybe it's time to simply admit that our existing software systems (especially Microsoft Windows and its popular applications) are simply incapable of coping with the hostile environment that the Net has become.

Right now we're doing the cyber-equivalent of driving over treacherous roads at high speed in Model T roadster without seatbelts, airbags or any other safety devices.

If you're really careful, update your map of dangerous pot-holes regularly and know exactly what you're doing then you can get from point A to point B without too much difficulty.

If however, you're an "average" driver who doesn't bother to maintain your vehicle properly and are driving to a map that is so out of date that it doesn't include the latest huge pot-holes and land mines -- well you're in big trouble. It's only a matter of time before you hurt yourself very badly.

What's more, every wrecked Model T that appears on the roadway represents yet another threat to other drivers so the problem continues to compound.

Now have your say Got something to say about today's column, or want to see what others think?  Visit The Forums While you're here, why not visit the Aardvark Hall of Shame and perhaps make your own nomination.

So what do we do to resolve this situation?

I'm sure the Linux advocates will be shouting "outlaw Microsoft Software!" which might seem to be a great idea -- but unfortunately it's more than a little impractical.

"Educate users!" is another seemingly sensible solution -- but unfortunately as I discovered just last week, even those who *know* better will still open unsolicited attachments and do other stupid things that expose their systems to attack.

As far as I can see, there are really only two possible solutions to this growing problem.

The first option is to set up what is the equivalent of a warrant of fitness and registration checkpoint at every entry-point to the information superhighway.

If Microsoft and all the various application vendors were to implement a system whereby the patch-level of their software could be easily (and anonymously) queried then those patch-level numbers could be checked for vulnerabilities.

When it is discovered that someone is attempting to log on to the Net with a copy of Windows, IE (or whatever) that is not carrying the latest security patches, that user will be automatically redirected (and restricted) to the relevant update website where they can download and apply the necessary fixes.

In effect, you'll be barred from driving on the information superhighway until such time as your WOF is up to date.

Of course this won't stop every threat on the Net but it will effectively stop all those exploits that prey on the stupid or lazy folks who don't maintain their systems adequately.

While it might take some time and effort to set up such a system, I believe it's viable and would massively improve the current situation in respect to the proliferation of worms and viruses.

The second option is somewhat more long-term and involves bringing our software into the 21st century.

Right now most software makes little use of the advanced features available in the latest generation of processors. The newest chips have some very handy features that can be used to readily prevent the kind of flaws that most often result in security holes. Things such as array overflows and allowing the processor to interpret data as code can be prevented by using more advanced code generators and software systems -- so let's do it!

Personally I find it astonishing that much of today's code contains fewer runtime checks than did the code I cut back in the 1980s -- despite the fact that we now have thousands of times as many CPU cycles available and far more advanced processor designs which should make the job very much easier.

Of course right now, software developers are a little hog-tied by the need to retain backwards compatibility with older processors so I don't expect to see this solution being totally viable for quite some time.

So there are my thoughts on the matter -- what are yours?

If you feel that this is a good thing and/or you hold a "geniune affection" for yours truly -- then you are welcome to gift me some money using the buttons provided. In gifting this money you accept that no goods, service or other consideration is offered, provided, accepted or anticipated in return. Just click on the button to gift whatever you can afford. NOTE: PayPal bills in US dollars so don't accidentally gift more than what you were intending :-)

Contacting Aardvark
I'm always happy to hear from readers, whether they're delivering brickbats, bouquets or news tip-offs. If you'd like to contact me directly, please this form. If you're happy for me to republish your comments then please be sure and select For Publication.

Other media organisations seeking more information or republication rights are also invited to contact me.

Just add a couple of lines of JavaScript to your pages and you can get a free summary of Aardvark's daily commentary -- automatically updated each and every week-day.

Aardvark also makes a summary of this daily column available via XML using the RSS format. More details can be found here.

Contact me if you decide to use either of these feeds and have any problems.

Linking Policy
Want to link to this site? Check out Aardvark's Linking Policy.

Did you tell someone else about Aardvark today? If not then do it now!