Let’s say first that we know (some) users will inevitably agree to let malware compromise their system, no matter the popup or protections.
A compromised system that’s transparent:
- Has only one way an executable can be started and, being designed as a “salt flat”, it’s easy to read
- Exposes all I/O and all network requests (to admins), regardless of driver abstractions
In this case, even a young enthusiast can look at a system and immediately see that it’s compromised, remove the malware’s ability to start or do work, and likely remove it from the system entirely.
The inspiration for this approach is a backlash against the absolute glut of places to hide in current user-focused systems. From multiple startup options, to services, to drivers, and into the “hidden from the admin” executables that can be compromised, it’s an ever-worsening problem that erodes users’ ability to keep their own system secure.