Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What keeps o.s. designers from, in a small way, mimicking biological immune sys?


  • Please log in to reply
2 replies to this topic

#1 Old_Feller

Old_Feller

  • Members
  • 180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lufkin, Texas
  • Local time:09:07 AM

Posted 12 May 2017 - 06:07 AM

It's probably one of those questions that, after I have thought about the answer, will feel stupid for having asked it. But why can't o.s. designers make a program that knows exactly what is supposed to be there and when something foreign is detected, quarantines it with digital t-cells? Let's say I have an encrypted password to use anytime I download something or copy from outside storage. A program that halts all traffic when a foreign packet comes in locking the user out while demanding payment or blue-screening or anything that is not normal behavior for windows. In other words, it detects, it stops/blocks, it analyses and reviews what came in and from where, it blocks the site, it then proceeds to extract the pathogen putting the computer back in good health. The site is auto added to a black list and the computer refuses to go there until the user manually takes the site out of the POISON list. Also the program could, in the future, alert to the smallest bit of contiguous known "poison" code and react accordingly. Etc and whatever.

 

Obviously there are reasons that this will not work or someone would have done it by now. If anyone would like to take a shot at explaining why some form of limited mimicking of biological immune functions could not work with a computer, I'd appreciate it.   :radioactive:



BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,705 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:07 PM

Posted 12 May 2017 - 12:34 PM

It exists: application whitelisting.

https://en.wikipedia.org/wiki/Whitelist#Application_whitelists


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Old_Feller

Old_Feller
  • Topic Starter

  • Members
  • 180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lufkin, Texas
  • Local time:09:07 AM

Posted 14 May 2017 - 10:28 AM

Well, it's a start. Thanks for the reply, Didier.   :thumbup2: 

 

 I see McAfee is "a leading provider" of app whitelisting. I've never used McAfee. I wonder how they compare with other sto'e bought anti-pathogen software guard-dawgs .....






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users