Google promises end to viruses - Fortify says: don't be hasty
"You can have the most bug-free operating system in the world - which is what energy companies have in the shape of the SCADA-compliant embedded firmware that drives their critical systems - but if the software has bugs in it, you're dead in the water," said Richard Kirk, Fortify's director.
"The plans of Linus Upson, Google's engineering director, outlined in the latest New Scientist magazine are laudable and, if they turn out to be correct, will make computing a lot safer for everyone, but the plethora of software that is available - and being developed all the time - makes the task of eradicating viruses impossible," he added.
According to Kirk, this isn't to decry Google's plans for a secure operating system, although he noted that the company's plans took a battering this week when two flaws were revealed in the Chrome browser application.
The irony of Upson's plans is that embedded firmware versions of Windows are already in active use on SCADA-compliant systems in critical government and utility grids the world over, he explained.
The downside of using an embedded operating system is that it cannot be easily updated, but that is a small price to pay for a more secure computing environment, the Fortify director went on to say.
"Google's promise of a flaw-free operating system with Chrome is a really great idea and we applaud that, but our business is based on helping software developers boost the security of their applications during the code audit stage," he said.
"And given that our clients anticipate code auditing to be an integral part of their development plans for some time to come, I think Google's promise to eradicate viruses is a bit on the optimistic side," he added.
For more Google's no-virus operating system plans: http://preview.tinyurl.com/nt8m3k
For more on Fortify Software: http://www.fortify.com
Diese Pressemitteilungen könnten Sie auch interessieren
Weitere Informationen zum Thema "Sicherheit":
Security Awareness für Programmierer
Hacker, Malware und Cyberspionen wirksam den Zugriff auf digitale Unternehmenswerte zu verwehren ist nicht einfach. Man investiert dafür in clevere Software, durchdachte Prozesse und letztendlich auch in Security Awareness beim Mitarbeiter, der als engagierter Wächter ebenfalls Bedrohungen erkennen und eliminieren soll. Gerade Gruppen wie Programmierer bleiben bei diesen Maßnahmen aber oft inhaltlich ausgeschlossen, da man nicht auf Ihre Bedürfnisse eingeht.Weiterlesen