Lock in to security


Lock in to security


Eddie Bleasdale

There has been a debate in Computer Weekly around claims that there are viruses affecting Linux. However, some of the fundamental issues that must be resolved for organisations to achieve secure e-business have not been addressed.

It is not possible to have firewalls and virus scanners for mobile devices. The first viruses for Wap have occurred because security is an "optional extra". Public unease about security could scupper e-business rapidly.

Identifying who remote users are and authenticating them can be achieved, in part, by using public key cryptography. However, encrypting e-mails renders anti-virus scanning software useless. So, what is the long-term solution?

When code is executed that has been received over the Internet the security of our system is threatened. While there are no effective controls that prevent unauthorised code being executed on computers running Microsoft Windows, there are the necessary controls in Linux - hence the reduced security threat and the lack of viruses.

However, to increase the level of security where encrypted e-mails contain executable code, then only e-mails that have come from a known person should be executed. Similarly, when downloading software from remote sites, the files should be signed and should have a checksum to ensure the software comes from a known and trusted source.

The Open Source community must not smugly say viruses are no threat to Linux/Unix. It must ensure that this situation remains the case. That said, there is no place for anti-virus software that simply scans e-mails in the world of secure, mobile e-business.

Eddie Bleasdale is director of netproject

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in October 2000


COMMENTS powered by Disqus  //  Commenting policy