Wednesday, May 11, 2011

Virtual browsing

My two previous posts remind me of this site somebody pointed me to recently. It purports to test recent malware against quite a few, if not most, of the best Windows security products. I think these tests are a better indication of the effectiveness of security products (anti-virus, anti-spyware, etc.) than tests against a huge bank of malware samples. In such tests, security products often score 96-97% in detecting malware; in tests like this, they score far lower (40-60%) because "0-day" malware is designed to evade detection, and largely does.
This is why the results obtained by DefenseWall (a product I'd never heard of) impressed me: 100% protection. How do they do it? Well, I checked the product web site, and it seems DefenseWall is a virtual system: a computer within a computer. av-comparatives.org has a review. (The DefenseWall site seems to have disappeared, so I don't know if the product still exists.)
Running a virtual system is one way to beat malware (until the virtual system is breached, and you need to run the virtual system in a virtual system to remain secure), but it must carry a performance penalty.
While Windows users are running virtual machines and sandboxes to remain secure, I'm running Linux with no layers of virtualisation, no sandboxes, no HIPS or behaviour blocker; indeed, no security products at all to slow down my computer. Of course it's possible to argue that this security is down to Linux's low profile rather than inherent superior security, but for the moment at least Linux is ipso facto more secure.
