It sounds like something Arthur C. Clarke could have dreamt up, but in fact this system (“ClearView”) is the product of Martin Rinard and Michael Ernst of MIT. It is capable of analysing running software to determine errors and security breaches. Then, before damage to the host system can be wrought, the compromised application is shut down. Even more impressively, the ClearView performs sophisticated analysis on the issue to come up with patches and fixes to improve future security for that application.
ClearView studies the running program and assigns a set of rules based on its knowledgebase for that type of application. It does not need to study source code (like a programmer trying to fix a bug would have to) as it studies the live, running program. This makes it suitable even for obsolete software that has been abandoned by the original vendor, or for applications whose source code is no longer available.
In a recent test, Firefox was installed onto 10 different machines and a hostile team of “hackers” tried to compromise each one. On each occasion, Clearview closed down Firefox and for 7 out of 10 of the attacks, it created a patch that closed the loophole. In all cases, patches with negative side effects were discarded.
Our take? It’s definitely a step in the right direction. With over 50 million lines of code in Windows Vista, for example, it is expected that there are problems to overcome. If ever-increasing software complexity is not to bring with it an ever-increasing “bug hunting” problem, then tools like this are going to be an essential commodity in the stablisation and securement of all our future computing platforms and applications.
So in the not too distant future Nemark may be using tools like this on your servers & networks!
No comments:
Post a Comment