Cool Tech At RSA
One of the best bits at RSA was at the HP booth.
Marc Stiegler, Alan Karp, Ka-Ping Yee and Mark Miller have created Polaris, a system for isolating and controlling untrustworthy code on Windows. The white paper is here. It’s very simple, easy, and looks like a winner. I hope they find a way to bring it to market.
Read the following thread about limitations of the current approach Polaris uses to provide isolation on Windows:
http://www.eros-os.org/pipermail/cap-talk/2004-December/thread.html#2451
http://www.eros-os.org/pipermail/cap-talk/2004-December/002457.html
The general idea is promising, though, and it may be possible to use different Windows security mechanisms (jobs or window stations) to avoid the attacks described in that thread.