| What I mean can be shown with an example: Let’s say first that we know (some) users will inevitably agree to let malware compromise their system, no matter the popup or protections A compromised system that’s transparent: - Has only one way an executable can be started and, being designed as a “salt flat”, it’s easy to read - Exposes all I/O and all network requests (to admins), regardless of driver abstractions In this case, even a young enthusiast can look at a system and immediately see that it’s compromised, remove it’s ability to start or do work, and likely remove it from the system entirely. The inspiration for this approach is a backlash against the absolute glut of places to hide in current user-focused systems. From multiple startup options, to services, to drivers, and in to the “hidden from the admin” executables that can be compromised it’s an ever-worsening problem that erodes user’s ability to keep their own system secure |