« Microsoft embraces OpenID | Main | Do as I say, not as I do »

Parking Virus

Eric Rescorla has discovered a virus in the parking lot computer system at SFO.

Trojans and malware can infect any system with a microprocessor configured to execute unrestricted code so taking measures to stop viruses makes sense. Loading commercial AV software to address the problem does not.

In the first place the chance that anyone would update the virus signatures on an embedded device is negligible. When was the last time you updated the virus checking on your coffee pot? Running AV software without up to date signatures does no good at all.

The more important reason AV is the wrong technology here is because it is software designed to deal with a very difficult problem applied to a problem where the constraint that makes it so difficult is absent. The difficulty with AV software is caused by the fact that we like to run lots of different programs on our computers. The embedded system is designed to only run one program during its entire life. A code signing/verification strategy is much more appropriate.

Posted by Phillip Hallam-Baker on February 24, 2007 5:24 AM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)